Creating a phishing website is the most prominent way to steal sensitive user data. Hackers use this method successfully time and again. Earlier we discussed installing and configuring Kali Linux. The Linux distro comes with a toolkit designed for hackers. Kali Linux works best in VirtualBox rather than installed in dual-OS mode.
Social Engineering Toolkit (SET):
This is an integral part of Kali Linux. To access the toolkit you need to have root access to the system. Social Engineering Toolkit (SET) helps in designing your phishing attacks. Today we will discuss the most prominent method: the phishing website attack for hacking usernames and passwords.
In this attack a website clone is created which looks exactly the same as the original website. The website is hosted on an external server, so any HTTP request sent to the server will display the cloned page. Now, why would anyone visit your server? That is the trick you need to understand.
Steps to create a phishing website for hacking username password:
1) Open the terminal window in your Kali Linux.
2) As pointed out earlier, to access SET you need to have root access. If you are not at the root prompt, type,
3) At root prompt type,
4) Enter 1 to select ‘Social-Engineering Attacks’.
5) Enter 2 to select ‘Website Attack Vectors’.
6) Since we intend to hack the username and password, i.e. the credentials, through our phishing website, we need to enter 3 for ‘Credential Harvester Attack Method’.
7) Since we need to clone the site, we need to enter 2 for ‘Site Cloner’.
8) It will ask for the IP address for the post back in Harvester/Tabnabbing. Enter the IP address of an external server where you will be hosting the website. For example, if you enter the IP address as 192.168.1.12, when anybody visits the URL http://192.168.1.12 the user will be shown the webpage of the cloned website.
9) Enter the URL to clone. Here we need to enter the site you want to clone, so enter http://www.siteToBeCloned.com.
You have now cloned the website and hosted it on the server. Remember that the page you are cloning should be the login page of the website, where the user enters the credentials. As we have discussed, no one will visit the IP address, so this is where URL shortener services such as bitly.com, goo.gl, yourls.org and tiny.cc, to name a few, come in. Create a shortened URL and share it on forums so that users click and follow the URL to your phishing website.
Whenever the user enters the credentials and submits them, the data is sent to your SET and you will see the user's credentials displayed on your screen. This is how SET helps in hacking usernames and passwords by creating phishing websites.
Safety tip for users against SET attack:
Financial institutions always advise their users not to follow a link to visit internet banking portals. Always check the URL in the browser before entering your credentials.
Cloned website URLs are either IP addresses or differ only slightly from the real name. For example, if a legitimate website address is http://www.yourBank.com, the cloned website could be http://www.yourBank.co.uk, a difference that could go unnoticed.
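The URL check from the safety tip above, written as an added example that is not part of the original article: it flags IP-address hosts, the shortener domains the article names, and hostnames that differ slightly from an allowlisted login host. The allowlist, the function names and the sample URLs are assumptions constructed for this example.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample data: the allowlist is an assumption for this example;
# the shortener domains are the ones the article names.
TRUSTED_HOSTS = {"www.yourbank.com"}
SHORTENERS = {"bitly.com", "goo.gl", "yourls.org", "tiny.cc"}


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def brand_label(trusted_host):
    """'www.yourbank.com' -> 'yourbank' (the label left of the TLD)."""
    return trusted_host.split(".")[-2]


def check_login_url(url):
    """Return reasons not to enter credentials at url ([] means allowlisted)."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if host in TRUSTED_HOSTS:
        return []
    reasons = ["host-not-allowlisted"]
    try:
        ipaddress.ip_address(host)  # raises ValueError for a DNS name
        reasons.append("ip-literal-host")
    except ValueError:
        pass
    if host in SHORTENERS:
        reasons.append("url-shortener-hides-destination")
    for trusted in sorted(TRUSTED_HOSTS):
        brand = brand_label(trusted)
        if any(edit_distance(label, brand) <= 2 for label in host.split(".")):
            reasons.append("lookalike-of:" + trusted)
    return reasons


if __name__ == "__main__":
    for u in ("http://www.yourBank.com", "http://192.168.1.12",
              "http://www.yourBank.co.uk", "http://tiny.cc/abc"):
        print(u, check_login_url(u))
```

The same function can run in a mail gateway or proxy rule over links extracted from messages, with the allowlist replaced by the organisation's real login hosts.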
Disclaimer: The article is for educational purposes only. The website and the author are not responsible for any unlawful use of this article. Please don’t misuse the information.