can own their whole network via a user attack. This isn’t the best tool to really get good metrics or to
track the lifecycle of the attack, but helps dramatically in compromising users and accounts. Let’s see
SET in action.
To Run SET, at the command line, type:
setoolkit
And once it is up and running you should see something like this:
Figure 1.0 - Social Engineering Toolkit
Credential Harvester
Once SET is loaded, there are two common approaches I take. The first is the credential harvester.
This is to create a fake page that looks like an authentication page and gets a user to type in their
credentials. There are many different approaches within SET that I’d recommend you spend time
with, but I generally am looking for account information.
To generate a fake page, go through the follow:
1) (Social-Engineering Attacks)
2) (Website Attack Vectors)
3) (Credential Harvester)
2) (Site Cloner)
Pick IP or host to retrieve POST backs
Pick your site to clone (Example: https://accounts.google.com/ServiceLogin)
If your victim goes to the IP or URL, they’ll see something like the following:
Google authentication page, but back on your screen, you should see the username and password your
victim typed. Also, all results will be saved under/root/.set/reports/.
No comments:
Post a Comment