Phishing Made Easy With Social Engineering Tool Kit.


What Is Social Engineering Toolkit

The Social-Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed. SET is a must have tool kit for every penetration tester.
 In this tutorial we will see the step by step procedure of how we can attack our
victim using Credential Harvester Attack method. Social-Engineering toolkit is already available on backtrack5. So we will use that tool kit in our attack.


Procedure to Attack A Victim With SET
Step 1:

Once you have got the backtrack loaded, open up your console and type the following command
cd /pentest/exploits/set

Once you are in the SET directory type ./set to launch the social engineering toolkit.
Step 2:
Once SET has been loaded, You should see many options, Since we are working with credential harvester attack method, we will select the second option which is website attack vectors.
Step 3

Next you would see many options under website attack vectors, we will select the 3rd option.

Step 4

Now, SET will ask us about the type of attack vector we would like to use,  If you have your own webtemplate, you can go for the third option.In this article, i am going with the first option which gives me some predefined webtemplates.

Step 5

Now it asks us to select the web template. In my case it is GMAIL, which is second option. After selecting the 2nd option and pressing enter just continue by pressing enter key again. Now SET will start cloning my local IP address of the backtrack box.

Step 6

Now open a new terminal and type ifconfig to get the IP address of your backtrack box.


When the victim visits this ip address, he will get my cloned gmail website and he will enter his login credentials.

Step 7

The entered credentials can be found at our SET terminal as shown in the following figure.

Hope you liked this article. Feel free to leave your comments for further doubts and clarifications.
About the Guest Author:
This article is written by Mr Srinivas, He owns Hackinginception where he writes articles related to hacking .If your interested in writing a guest post @Hackaholic please contact me

Subscribe to Hackaholic

Enjoyed this article?
Subscribe to "Hackaholic"and get daily
updates in your inbox for free!

Related Posts Plugin for WordPress, Blogger...

Sanket Shah

When i tried to do so, i was able to get username & password if i enter from my pc but when i gave that link (IP) to my friends than it showed Server Taking To Long To Respond.

Maybe it's because of my local Ip getting cloned. Can u tell me how should i clone to my Global Ip..??

REPLY
srini0x00 said on December 6, 2011 at 6:43 AM :

@Sanket Shah
This method is applicable for attacking computers inside your LAN, However if you want to attack outside the network, You would need to obtain a public IP address and would need to do port forwarding on your router.

REPLY
Anonymous

how to make it root@root??

REPLY
Kevin Pratama said on April 8, 2012 at 2:03 AM :

where should I download it?

REPLY
jinwu said on April 17, 2012 at 4:56 AM :

Hi, I follow your tutorial, but my website seems to be real "gmail" website, that's, my SET terminal only display a GET request coming in, but no matter how hard i try, it just never print out the credentials I type in.. anyone has the same problem? thanks in advance.

REPLY
Anshu Minesh said on May 27, 2012 at 9:45 AM :

@ Srinivas

Hii... I am Minesh. I am little bit hacker. I want to know how to make phishing page of facebook & get the password ? Can u tell me how to do it ?

REPLY
shad0w said on December 1, 2012 at 6:35 AM :

Awesome tut. you got there. I've successfully phished acounts on my lan. So to got outside lan (on wan) I have to send my victim my external IP 20.xx.xxx.xx and open a port. Can you tell me which port is it because I already have port 80, 443, 4444 open. Thanks in advance.

REPLY
John ( Admin ) said on December 2, 2012 at 4:32 AM :

@bot_stop

Port 80(Web server) should be Open

REPLY
Unknown said on February 27, 2013 at 5:04 AM :

How to hack Wifi Password throught..

REPLY
Unknown said on February 27, 2013 at 5:07 AM :

I Want Full Tutorial of BackTrack Wifi hacking easily please give me if you have..

REPLY
John ( Admin ) said on March 6, 2013 at 11:29 AM :

@KHADEER PASHA

Please check these tutorials
http://hackhaholic.blogspot.com/2011/07/cracking-wep-using-backtrack-wifi.html

REPLY

Use the form below to comment. No spam please!!!

© 101hacker | Design by Mukund edited by John
Powered by Blogger