Friday, September 13, 2013

How to Hack Gmail, Facebook with Using Tab Nabbing

0 comments

THIS IS THE LATEST TECHNIQUE OF PHISHING ATTACK.

ATTACKER OS : KALI LINUX

VICTIMS OS : WINDOWS



START SOCIAL ENGINEERING TOOLKIT.



SELECT OPTION  => SOCIAL ENGINEERING ATTACKS


SELECT OPTION 2=> WEBSITE ATTACK VECTORS


SELECT OPTION 4=> TABNABBING ATTACK METHOD


SELECT OPTION 2=> SITE CLONER


TYPE UR IP ADDRESS AND THE SITE U WANNA CLONE.
MY IP IS 192.168.152.132

AND I LIKE TO CLONE GMAIL WHILE THIS ATTACK.


NOW THE LISTENER IS START AND PROVIDE UR IP  TO UR VICTIM VIA CHAT OR ANOTHER OPTION AND U ALSO USE SHORTERN LINK TO HIDE THIS LINK.


UR VICTIM IS TRYING TO OPEN THIS LINK BUT HE/SHE WILL SHE THE PAGE IS LOADING SO THEY OPEN ANOTHER TAB AND THE ATTACK GONNA WILD.
THE SCRIPT TURNED THE NEW TAB TO UR PHISH PAGE.


AND NOW U GOT THE USER AND PASSWORD OF UR VICTIM.




Thursday, September 12, 2013

How to Hack Email using Web Jacking Method

2 comments
The web jacking attack method will create a website clone and present the victim with a link stating that the website has moved. This is a new feature to version 0.7. When you hover over the link, the URL will be presented with the real URL, not the attacker’s machine. So for example if you’re cloning gmail.com, the URL when hovered over it would be gmail.com. When the user clicks the moved link, Gmail opens and then is quickly replaced with your malicious webserver. Remember you can change the timing of the webjacking attack in the config/set_config flags.



ATTACKER OS : KALI LINUX

VICTIMS OS : WINDOWS



START SOCIAL ENGINEERING TOOLKIT.



SELECT OPTION 1 => SOCIAL ENGINEERING ATTACKS


SELECT OPTION 2 => WEBSITE ATTACK VECTORS


SELECT OPTION 5 => WEB JACKING ATTACK METHOD


SELECT OPTION 2 => SITE CLONER


NOW PUT UR IP ADDRESS FOR REVERSE CONNECTION.
MINE IS 192.168.152.132

ENETR THE SITE U WANNA CLONE..
MINE IS GMAIL.


NOW THE LISTENER IS STARTED JUST GIVE UR IP ADDRESS MINE IS
192.168.152.132

SO I GIVE HIM/HER SO WHEN HE/SHE OPEN IT IN THEIR BROWSER 
THEY WILL REDIRECT TO OUR PHISHING SITE.


YEAH THAT THE LOOK WHEN VICTIM ARRIVED GMAIL USING OUR IP.



AFTER THEY ENTER THEIR USER AND PASS ON THIS PAGE U GOT THE LOGIN DETAILS ON UR BOX...SHOWN IN BELOW/..