BACKTRACK : The credential harvester attack
BACKTRACK : The credential harvester attack
Hey guys .. how u been ? so enjoying . huh ?? well m back with another Backtrack post . Its called credential harvester attack . By this u can get id and passwords of any user in urlan u want.
follow these steps:
starting SET
Well in Backtrack there is an awesome tool called SET (Social Engineering Toolkit).- To start this toolkit login as root by issuing command sudo su .
- Then issue following command:
cd /pentest/exploits/set . - Now u are in SET directory , again following command and hit enter: ./set.
Using SET
In SET you can navigate through your number pad . To navigate press corresponding keys. OK now about The credential harvester attack .... follow these steps and u can refer to pics also.- Select option no. 1 which says Social Engg toolkit .. if your SET is updated or select credential harvester method directly
- now select option no. 2 again which says Website Attack Vectors (for updated SET).
- Select option 3 which says Credential Harvester Attack Method.
- Now select any of options .. for now select option 1 which says Web Templates.
- Now select any of the templates , i used gmail .
Final step
Now give your ip to anyone in your LAN and somehow make them open it .. (that depends on you..lot of ways are there).now you will get every entry that person does in that attack.
Feel free to ask doubts.
Guys plz comment and share and like .... thanks
Stay Tuned !!!!
0 comments:
Post a Comment