MiTM attack fir re-direct fowk tae phishing pages - SET

[ltx_Lazzarus]

Social Engineering Toolkit (SET), this tool wis developed in a wey tae launch advanced social engineering (SE) attacks against individuals on the same network as ye or across the internet. Fir oor purpose we're gaun tae dae a MiTM attack and re-direct fowk tae oor phishing pages fir the purpose o' trickin users intae enterin their credentials sae we're able tae capture them. We're gaun tae use SET tae dae this. Aince we hae the victims credentials we can then login tae their account tae dae onything ye wish.

Oor first step is tae dae a MiTM attack re-directin awbody tae oor webserver. Click here tae launch a re-directin HTTPS requests tae oor webserver. Aince ye've entered the syntax wi bettercap we'll then use SET tae phish some stuff.

Keep yer Bettercap windae open and runnin aince ye've completed the syntax fir "Re-directin HTTPS requests".
Next, we launch SET.

In Kali open up a new terminal windae and type the following:

Code: Select all

sudo service apache2 stop

Code: Select all

sudo setoolkit

Ye'll be presented wi the main menu, Enter the nummer (1) and hit ENTER on yer keyboard fir "Social Engineering Attacks". Anither menu will come up, Enter the nummer (2) and hit ENTER on yer keyboard fir the "Website Attack Vectors" and ye'll be presented wi ither menu, Next, enter the nummer (3) and hit ENTER on yer keyboard fir the "Credential Harvester Attack Method".

We're gaun tae select the Web Templates option and use the Twitter template fir the example A'm usin. If ye wanted tae clone a specific website then ye o' course could dae that as weel but fir noo we'll stick wi the templates in SET.
Select (1) and hit ENTER on yer keyboard. SET will ask ye fir the IP o' yer Kali machine. It should automatically show yer IP sae just hit ENTER on yer keyboard. We're gaun tae select the Twitter template sae enter the nummer (3) and hit ENTER on yer keyboard. SET will move aw the appropriate files intae yer webserver directory (/var/www/html) fir ye sae A'll ye need tae dae is hit ENTER on yer keyboard. SET has cloned the Twitter login page and is hostin the phishing pages on yer webserver on Kali.

It's important tae note that the templates used in SET will no re-direct fowk efter they've entered their credentials tae the webpage that they're expectin tae see. Ye might want tae consider editin "/etc/setoolkit/set.config" as it tells ye tae dae sae if ye wanted it tae look mair less suspicious.

Noo that oor attack is runnin ye just need tae wait fir fowk tae be re-directed tae yer webserver and enter their credentials which will be displayed tae ye within the SET windae.

The example A've used here is we're re-directin aw HTTP requests tae oor Twitter phishing page. Obviously if we're just re-directin everyone tae one page it's doubtfu fowk are just gaun tae randomly enter their shite fir ye. This is why it's important tae tailor yer attacks tae the individuals ye're tryin tae attack.

A guid example would be tae re-direct everyone tae yer attack landin page wi SET runnin that appears tae be a sign-in form tae get internet access and include a FB login page or somethin similar. Creativity is important fir success.

On yer target machine try tae visit ony HTTP website and ye'll be re-directed tae yer Twitter phishing page. Ye should hae setup bettercap accordingly as just runnin "setoolkit" withoot settin up onythin MiTM related will no MiTM yer targets.