" I don't take realities of the world for granted; I seek to break and rebuild what I don't like. I seek to outsmart the world " -ShreeThaanu Introduction : In this article you will see how you can obtain a user’s Facebook credentials without him suspecting a thing. There are going to be provided two versions of this attack, one being locally in a private network and one being public, using port forwarding for the latter. Before devoting yourself to the main body of this article, I would like to mention two things right from the very beginning. Firstly, DO NOT, UNDER NO CIRCUMSTANCE, try what you are about to see, to cause harm, assault, threat or have a leverage over a person (illegal, you get it). The purpose of this article is to show how it’s done in regard to academic purposes (pass the knowledge on to everyone) and for testing purposes. Should you be given strict consent, act accordingly. Secondly, you must have Kali Linux installed or booted from a live CD or USB Flash before doing anything. So, check this article here explaining what Kali Linux is, if you haven’t already. SET (Social-Engineer Toolkit) is an open-source tool written in Python. It’s a framework that offers a variety of tools regarding phishing, spoofing, etc. in Social Engineering environment, as the name suggests. It was created by TrustedSec and according to them, Social Engineering is one of the hardest attacks to protect against and nowadays one of the most prevalent. Site Cloner, as the name suggests, is a tool that gives you the option to clone a website, locally. This means that your localhost, 127.0.0.1 will be running the desired website, provided that you enable the Apache service. You can find many details regarding Apache and running a website locally in the DVWA article,
Leave a Reply. |
|
Photo used under Creative Commons from nan palmero