
Closed Set lan fb häçking


PUTANKINNAMALL

STEP 1: Check the Network settings in VirtualBox
The Attacker and the Victim should be on the same network. Here, the victim's Windows 10 and the attacker's Kali are on the same Wi-Fi network so we are using Bridged Networking. This is how it looks:





STEP 2: The setoolkit
Go to Applications > Kali Linux > Exploitation Tools > Social Engineering Toolkit > setoolkit





Alternatively, in terminal, you can type: setoolkit

STEP 3:
Now, you will get a prompt asking you to agree to the terms and conditions (if you are running it for the very first time). Enter y and move on!





You get this menu now:



The 1 selects social engineering attacks. Obvious choice if you read the other options from 1 to 9 (and 99 for exit)

Then, we get this menu:





The 2 selects Website Attack Vectors. Not that obvious. The Web Attack module is a unique way of utilizing multiple web-based attacks in order to compromise the victim.

We have this menu now:



The 3 selects Credential Harvester. The Credential Harvester method will utilize web cloning of a web-site that has a username and password field and harvest all the information posted to the website.

Now we'll be cloning the login page:





Now that is obvious!

Next we find the IP of our machine:
1. Open a new terminal window.
2. Type: ifconfig
3. Since all the VMs in VirtualBox use a Virtual Ethernet Adapter, Bridged mode would bridge your Wi-Fi's connection to the VM through the Virtual Ethernet and all the machines on the Wi-Fi Network would be accessible. So, the Private IP appearing in the eth0 category is what we want to know here:





Now we have a prompt for entering the Harvester's IP in the setoolkit (we will enter our IP used on the network):

set:webattack> IP address for the POST back in Harvester/Tabnabbing: 192.168.XXX.XX

There we go! Now press enter. We have the following prompt now:

set:webattack> Enter the url to clone: https://www.facebook.com/4

We enter Facebook's URL here.
Press Enter again.

Now, if the [link hidden] is not running, setoolkit will ask for your permission. Simply enter y and proceed.

Finally, you should have this on your terminal:




Now we will try to see if this works.

STEP 4: The Victim's Desktop
Now to get the victim to open your site, you'll need to work out something. If he/she is on Windows, edit the hosts file to redirect facebook.com to your machine's IP. You'll have to think of that since I can't be situation specific here. I am going to use my Host OS to open the site.

dumb_c0nd0r enters 192.168.XXX.XX in the address bar...

He then gets the fake Facebook login page:



He enters his email and password.

On pressing enter, he is redirected to the original Facebook login page. He thinks he accidentally refreshed the browser and re-enters his credentials, but dumb_c0nd0r failed to realise that he got pwned. Poor man!!!

Getting the credentials:
1. Open up a terminal window.
2. Type the following commands:
cd /var/www/
ls
3. You should see your harvester file in there. Type: nano harvester [press TAB to complete the filename]

Look for these two fields:





So there you have it! The account is compromised.


Going a step ahead:
If you want this to work online, you'll have to [link hidden]. Then use [link hidden] or shorten the URL or do something similar to evade detection.

-h@ckoo
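
A defender-side check for the hosts-file redirection described in STEP 4, as an added example that is not part of the original post: it parses a hosts file and flags watched domains pinned to a non-loopback address. The sample file contents, the watched-domain list and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of a Windows hosts file (C:\Windows\System32\drivers\etc\hosts).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net            # local ad-block sink
192.168.56.20   facebook.com www.facebook.com
10.0.0.5        fileserver.corp.example    # legitimate internal name
"""

# Assumption: domains that should never be resolved from a local override.
WATCHED_SUFFIXES = ("facebook.com",)

def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for every valid mapping line."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # strip trailing comments
        if not line:
            continue
        parts = line.split()
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue                              # not an address: not a mapping
        if len(parts) > 1:
            yield no, ip, [h.lower().rstrip(".") for h in parts[1:]]

def audit_hosts(text, watched=WATCHED_SUFFIXES):
    """Return (line_no, ip, hostname, severity) for suspicious overrides."""
    findings = []
    for no, ip, names in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue                              # sinkhole/blocklist style entry
        for name in names:
            # Match the domain itself or any subdomain, not look-alike suffixes.
            if any(name == s or name.endswith("." + s) for s in watched):
                # A LAN address for a public site is the pattern from STEP 4.
                severity = "high" if ip.is_private else "medium"
                findings.append((no, str(ip), name, severity))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("hosts override: line %d  %s -> %s  [%s]" % finding)
```

On an endpoint, the same function can be fed the real hosts file contents and run on a schedule, with findings forwarded to whatever alerting is already in place.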
 
On one of your screenshots, I can see that the private IP 192.168.x.x/16 is obscured. What's the point? It's not that it is something that can uniquely identify you, and it is of no relevance to anyone outside your LAN.

So you want to convince an (idiot) user to type an IP address into the browser and let them type their username/password there so they can go to Facebook? To be honest, that's quite pathetic.

If you really want to MITM, you need to create or tamper with the Root Certificate Store of the client's OS and browser, then proxy the https traffic.
 