The web jacking attack method will create a website clone and present the victim with a link stating that the website has moved. This is a new feature to version 0.7. When you hover over the link, the URL will be presented with the real URL, not the attacker’s machine. So for example if you’re cloning gmail.com, the URL when hovered over it would be gmail.com. When the user clicks the moved link, Gmail opens and then is quickly replaced with your malicious webserver. Remember you can change the timing of the webjacking attack in the config/set_config flags.
ATTACKER OS : KALI LINUX
VICTIMS OS : WINDOWS
START SOCIAL ENGINEERING TOOLKIT.
SELECT OPTION 1 => SOCIAL ENGINEERING ATTACKS
SELECT OPTION 2 => WEBSITE ATTACK VECTORS
SELECT OPTION 5 => WEB JACKING ATTACK METHOD
SELECT OPTION 2 => SITE CLONER
NOW PUT UR IP ADDRESS FOR REVERSE CONNECTION.
MINE IS 192.168.152.132
ENETR THE SITE U WANNA CLONE..
MINE IS GMAIL.
NOW THE LISTENER IS STARTED JUST GIVE UR IP ADDRESS MINE IS
192.168.152.132
SO I GIVE HIM/HER SO WHEN HE/SHE OPEN IT IN THEIR BROWSER
THEY WILL REDIRECT TO OUR PHISHING SITE.
YEAH THAT THE LOOK WHEN VICTIM ARRIVED GMAIL USING OUR IP.
AFTER THEY ENTER THEIR USER AND PASS ON THIS PAGE U GOT THE LOGIN DETAILS ON UR BOX...SHOWN IN BELOW/..
1 comments:
i used Vmware version of Kali and i tried your above codes but itz work in my computer only, i send that link to others but itz not work.
can you tell me why is that ?
Post a Comment