Creating a phishing page using Social Engineering Toolkit (SET) -LAN Attack - Only CyberSecurity

Ethical Hacking Tutorial, Cybersecurity

Breaking

Friday, September 7, 2018

Creating a phishing page using Social Engineering Toolkit (SET) -LAN Attack

Social Engineering Toolkit (SET) is available in kali linux in the applications section and social engineering tools.
In this tutorial we are going to learn how to create a phishing page using social engineering toolkit for LAN attack.

In Kali Linux terminal, execute the below command to remove existing files from web root location.

launch Social Engineering Toolkit by executing below command




Based on our requirement, we can choose from seven different options on the SE toolkit menu. In this practical, we intend to create a phishing a page which looks similar to the Facebook login page.


Select option 1 Social-Engineering Attacks


Select option 2 Website Attack Vectors


Select option 3 Credential Harvester Attack Method to harvest login credentials with the help of phishing page.


Choose 2 Site Cloner to clone a live website.


Provide a local IP address (attacker private IP) for the postback.


Provide the address of website to be cloned (https://www.facebook.com/) press enter and wait until Credential Harvester is running on port 80 message.





Trick victim to visit phishing page running on attacker’s IP address (use URL shortening service to make IP address look like web link). If the victim submits login credentials on phishing page, then the attacker will be able to view those credentials.


                                                            On victim’s computer:



On attacker’s computer:




This attack can be performed only on LAN level.

Happy Hacking:)

No comments:

Post a Comment