Do you know the most dangerous hacking method is social engineering?
But here we are going to explain only the common deceptive phishing attack. We are not targeting anyone.
Attackers keep eye on the victims for a month or for a year and collect data on the basis of their every single interest and daily routine to create a successful phishing attack.
Collecting information about the victim is the first step if you want to play with the victim’s brain without showing any suspicious activity.
This tutorial is not on the Social Engineering toolkit. It is in setting up a perfect environment for phishing. Don’t leave the tutorial in the middle.
Let us use and demonstrate the tools to attempt a successful phishing attack.
Initiating the SEToolkit
Convert the IP To a Cute URL using Cuteit
When the victim opens up the URL, it redirects to a fake login page of facebook/twitter. When the victim enters the credentials, it redirects to the original login page of facebook/twitter.
But it prompts a warning which shows the real URL but that can be sorted using Ngrok.
There are a few chances of getting credentials if the victim is that stupid if he doesn’t check the address bar.
Apply Phishing Over WAN Using NgRok
You just need to extract the Ngrok file and move the executable to the Desktop. Now hit the command-
./ngrok htttp 80
It gives the URL that can be accessed over WAN. The best part is, it gives both HTTP and HTTPS service.
Mask The URL
This can be done using link shortener services. Bitly, Adfly is the best in this business. You can create your own URL if you have a paid account.
Distributing The URL
|Haven't found the solution or are you having an unknown error? Join HackTalkForum.com to start a discussion or join a discussion on it.|