Ever wanted to know how phishing is performed? and how long it takes to setup? well, in this post, we are going to take a closer look at phishing attacks and how they are setup. The fun thing is, you can do this at home, in your own private network.
In order to setup a phishing page, we will need to have the following running in our private network.
- Kali Linux operating system
- Any operating system with browser functions
- Some time
I personally like to use the virtualbox environment to run my virtual machines. Make sure that your virtual machines are setup to ‘host-only’, in this way you will ensure yourself that only the designated environments will be able to see each other and that there will no be accidental victims of your phishing page.
In the Kali Linux environment, we will need to navigate to the social engineering section which you can find in the Kali Linux menu.
We have assigned the Kali Linux environment the following IP address:
Our victim device is running on:
Before we can start using the social engineering toolkit, we will have to agree to the terms and services.
Press 'Y' and 'ENTER' once you have read and agreed to the terms of using the social engineering toolkit.
Once you have agreed to the terms, you will get a new window that will contain the menu of the social engineering tookit. In this menu, we will have to select ‘1’, which will head us into the flow of a social engineering attack.
Press '1' and hit 'ENTER'
In the next step, we will have a menu that allows us to select multiple methods to perform the phishing attack. In this tutorial, we are going to pick the website attack vectors attack.
Press '2' and hit 'ENTER'
In the following window we will select the TABNABBING method.
Press '4' and hit 'ENTER'
In the following menu we will be allowed to be pick a template or use a website cloning tool. We are going to pick the website cloning tool.
Press '2' and hit 'ENTER'
In the following window, we will have to provide our post back environment, in this setup this will be the Kali Linux operating system which is running on 192.168.1.102.
So we provide the following details:
Type '192.168.1.102' and press 'ENTER'
In the next step we are allowed to clone a login page, pick any site with a login page and provide it in the terminal.
Once you have provided the details, you are all setup. Follow the steps, and once the ‘harvester’ is running, navigate via the victim pc to the site ‘http://192.168.1.102’.
In this attack it is important that the user opens a different tab and switches back to the previous tab. Once this is done, the Phished site will appear. Once the user provides any details, you will see it back in your SET terminal.