Search the Community

Credits: C_J Hello everyone! This is a continuation of part 1 of the Using Social Engineer Toolkit tutorial. Lets continue! The purpose why i am the use of mobile phone (android)? Let see how the web page displayed in my integrated android browser. So, I am gaining access to my Kali Linux webserver on 192.168.43.99 in the browser. And here is the page: See? It seems so real, there aren’t any security problems displayed on it. The URL bar displaying the title alternatively the URL itself. We understand the silly will apprehend this as the original Google page. So, i bring my cell smartphone, and stroll into my buddy, and communicate to him as though i failed to login to Google and act if I am thinking if Google crashed or errored. I deliver my telephone and ask him to try to login the usage of his account. He doesn’t trust my phrases and at once starts offevolved typing in his account statistics as though not anything will manifest badly here. Haha. He already typed all the required forms, and let me to click the Sign in button. I click the button… Now It is loading… And then we got Google search engine main page like this. Once the victim clicks the Sign in button, it will send the authentication information to our listener machine, and it is logged. Nothing is going on, i tell him, the Sign In button remains there, you did not login even though. And then i’m beginning again the phising page, at the same time as some other friend of this silly coming to us. Nah, we were given every other sufferer. Until i cut the communicate, then i go returned to my table and check the log of my SEToolkit. And if you followed it correctly you should have a username and password highlighted in red. And we are done! Thank you for viewing this tutorial. tools:

Credits: C_J Hello everyone. I have recently installed the SEToolkit and King Phisher and thought it would be useful if I showed you guy’s how to do it to if you wanted to learn these tools. Lets get started! Installing the tool: Here are the commands to properly install the SEToolkit from GitHub. sudo apt-get install git git clone [Hidden Content] set/ cd set pip install -r requirements.txt Next you will go into your terminal and type setoolkit It will then open the terms and agreements. If you want to use the tool you will type Y into the prompt. You will then encounter a menu that shows you the following In this tutorial you will type in the first option (1) and hit enter. In the next part of the menu you will see the following: you will then select the second option which is Website Attack Vectors. You will then select number 3 from the menu below: Further options are narrower, SET has pre-formatted phishing page of popular websites, such Google, Yahoo, Twitter and Facebook. Now choose number 1. Web Templates . Because, my Kali Linux PC and my mobile phone were in the same Wi-Fi network, so just input the attacker ( my PC ) local IP address. And hit ENTER. PS: To check your device IP address, type: ‘ifconfig’ Alright so far, we have set our method and the listener IP address. In this options listed pre-defined web phising templates as i mentioned above. Because we aimed Google account page, so we choose number 2. Google. Hit ENTER. Now, SET starts my Kali Linux Webserver on port 80, with the fake Google account login page. Our setup is done. Now i am ready walking into my friends room to login into this phishing page using my mobile phone. Tools: