BACKTRACK (JAVA APPLET ATTACK)
Backtrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.
Here we are covering a minute part of it.Using one of the kit name Social Engineering ToolKit.
What we gonna do is that,we'll create a payload using java applet and let the victim computer to surf our ip.As soon as it happens,a fake page of desired site will be opened in the browser of the
victim and he'll be prompted to put his user and password details in that page.If he put his details,it immediately come to your opened screen.
Step 1:Create a bootable pendrive using Universal USB Installer (If you don't know how to do it refer to the blog by clicking here).Remember you are creating a bootable USB for backtrack 5(r1,r2,r3).
Step 2:After you started backtrack 5(re,r2,r3),it'll ask the password in some cases.So default user name is root and password is toor.
Step 3:Now direct yourself to Applications->BackTrack->Exploitation Tools->Social Engineering Tools->Social Engineering Toolkit->Set
The Screen will be like this:
Step 4:As soon as you click on SET,it will direct you to SET and the screen looks like this:
Step 5:Now you need to select option 2 i.e. Website Attack Vectors.The screen will be like this:
Step 6:Now you need to select option 3 i.e. Credential Harvester Attack Method.The screenshot after that will be:
Step 7:Now you have two options to clone the website
a)Web Template
b)Site Cloner
In web template we'll have fix no. of options of the websites and we can clone only those websites that are listed
In Site Cloner,it is upto us to clone any website of our wish.What we require to do is that we'll have to write the website full URL.
Here i'm gonna use Web Template method.So select option 1.Screen after that will be:
Step 8:Now you need to select the any of the social networking site listed here,i'm going to select Facebook,so option 4,screenshot after selecting will be:
Step 9:Now you need to send your IP address to your victim.For getting your current ip type ifconfig in terminal.Send this URL directly and let your victim browse it.Suppose mu ip is 192.168.121.32 so URL should be http://192.168.121.32
You can shorten this By TinyURL.Simply paste your IP URL i.e. http://192.168.121.32 ,it will shorten it and send that shorten URL to the victim.You may send it by using any Engineering technique like messaging or while chatting.
 |
| Backtrack |
Backtrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.
Here we are covering a minute part of it.Using one of the kit name Social Engineering ToolKit.
What we gonna do is that,we'll create a payload using java applet and let the victim computer to surf our ip.As soon as it happens,a fake page of desired site will be opened in the browser of the
victim and he'll be prompted to put his user and password details in that page.If he put his details,it immediately come to your opened screen.
Step 1:Create a bootable pendrive using Universal USB Installer (If you don't know how to do it refer to the blog by clicking here).Remember you are creating a bootable USB for backtrack 5(r1,r2,r3).
Step 2:After you started backtrack 5(re,r2,r3),it'll ask the password in some cases.So default user name is root and password is toor.
Step 3:Now direct yourself to Applications->BackTrack->Exploitation Tools->Social Engineering Tools->Social Engineering Toolkit->Set
Step 4:As soon as you click on SET,it will direct you to SET and the screen looks like this:
Step 5:Now you need to select option 2 i.e. Website Attack Vectors.The screen will be like this:
Step 6:Now you need to select option 3 i.e. Credential Harvester Attack Method.The screenshot after that will be:
Step 7:Now you have two options to clone the website
a)Web Template
b)Site Cloner
In web template we'll have fix no. of options of the websites and we can clone only those websites that are listed
In Site Cloner,it is upto us to clone any website of our wish.What we require to do is that we'll have to write the website full URL.
Here i'm gonna use Web Template method.So select option 1.Screen after that will be:
Step 8:Now you need to select the any of the social networking site listed here,i'm going to select Facebook,so option 4,screenshot after selecting will be:
Step 9:Now you need to send your IP address to your victim.For getting your current ip type ifconfig in terminal.Send this URL directly and let your victim browse it.Suppose mu ip is 192.168.121.32 so URL should be http://192.168.121.32
You can shorten this By TinyURL.Simply paste your IP URL i.e. http://192.168.121.32 ,it will shorten it and send that shorten URL to the victim.You may send it by using any Engineering technique like messaging or while chatting.
