Hi everyone here is the post that basically explain about very fundamental attack known to be tab nabbing attack.the attack is very simple again you sent an link to the victim he/she click on it and redirected to your desired login page which looks like original and the after putting his/her credentials you get that in no time .
so lets do this with social engineering toolkit as here more social engineering trick is very necessary .
So before doing all do check your own BT/Kali System IP address by typing
ifconfig command.
then Open Your Backtrack terminal and Type
cd /pentest/exploits/set
Now Open Social Engineering Toolkit (SET)
./set
after that choose social engineering attack that is option 1 and then choose option 2,
“Website Attack Vectors”.
a list of options will be populated you have to select option
4 “Tabnabbing Attack Method”.
next choose option 2
“Site Cloner”.
it will ask for your system ip which you can give that you got from ifconfig (
your backtrack machine ip)
Then Enter the URL of the site you want to clone. In this case
http://www.facebook.com and hit enter. SET will clone up the web site. And press return to continue.
Now convert your URL into Google URL using goo.gl and send this link address to your victim via Email or Chat or any other social way you can make it reach to victim.
When victim open in their browser it should be a message that the page is still loading. so victim start to open another tab. As soon as victim open new tab, our fake website start working. That script will redirect the victim to the phishing page your derived.
here yyou goes these are the user id and password of the victim :D.
be safe keep hacking :).
Post a Comment
Feel Free To Ask Your Query we Love To Answer