Scribd Logo
Upload

Welcome to Scribd!

  • Phishing Attack - Step by Step Demo Using Kali Linux Free Tool!

    Uploaded by

    micheal king
    25 views8 pages

    Original Title

    1 new message

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    25 views8 pages

    Phishing Attack - Step by Step Demo Using Kali Linux Free Tool!

    Uploaded by

    micheal king

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 8

    8/22/2021 1 new message


    (https://www.cybervie.com)

    Blog (https://www.cybervie.com/category/blog/)
    Phishing Attack – Step by step Demo using Kali Linux Free
    Tool!

    Phishing is a form of cyber attack which typically relies on email or other


    electronic communication methods such as text messages and phone calls.

    Phishing attack using kali Linux is a form of a cyber attack (https://portal.cybervie.com/) that
    typically relies on email or other electronic communication methods such as text messages
    and phone calls. It is one of the most popular techniques of social engineering. Where hackers
    pose as a trustworthy organization or entity and trick users into revealing sensitive and
    confidential information.

    We will create a Facebook phishing page using Social Engineering Toolkit which is a
    preinstalled functionality in Kali Linux OS. The phishing link can be sent to any user on the same
    Local Area Network as you and the data that they enter on the fraudulent page will be stored in a
    file on the attacker’s machine.

    Social Engineering Toolkit or SET for short is the standard for social engineering testing among
    security professionals and even beginners must have a basic idea about using the tool. Basically,
    it implements a computer-based social engineering attack.

    https://www.cybervie.com/blog/phishing-attack-using-kali-linux/ 1/8
    8/22/2021 1 new message

    Steps of Phishing Attack:


    Open the terminal window in Kali and make sure you have root access as ‘setoolkit’ needs 
    you to have root access
    (https://www.cybervie.com)
    Type ‘setoolkit’ in the command line

    You will be warned that this tool is to be used only with company authorization or for
    educational purposes only and that the terms of service will be violated if you use it for malicious
    purposes.

    Type y to agree to the conditions and use the tool

    A menu shows up next. Enter 1 as the choice as in this demo we attempt to demonstrate a
    social engineering attack.

    Under Social Engineering, there are various computer-based attacks and SET explains each in one
    line before asking for a choice.

    Enter 3 which will select the ‘Credential Harvester Attack Method’ as the aim is to obtain
    user credentials by creating a bogus page that will have certain form fields.

    https://www.cybervie.com/blog/phishing-attack-using-kali-linux/ 2/8
    8/22/2021 1 new message

    Now, the attacker has a choice to either craft a malicious web page on their own or to just clone
    an existing trustworthy site.

    Enter 2 in order to select ‘Site Cloner’
    (https://www.cybervie.com)
    This might take a moment as SET creates the cloned page.

    Now you need to see the IP address of the attacker machine. Open a new terminal window
    and write ifconfig
    Copy the IP address stated in ‘inet’ field

    SET will ask you to provide an IP where the credentials captured will be stored. Paste the
    address that you copied in the earlier step.
    Since we chose to clone a website instead of a personalized one, the URL to be cloned is to
    be provided. In this example, it is www.facebook.com
    Social Engineering Toolkit needs Apache Server running as captured data is written to the
    root directory of Apache. Enter y when prompted about starting the Apache process.

    The setup for a phishing attack (https://www.cybervie.com/blog/) is complete, you have cloned
    Facebook and hosted it on the server.

    SET informs us of the directory at which the captured data will be stored.

    https://www.cybervie.com/blog/phishing-attack-using-kali-linux/ 3/8
    8/22/2021 1 new message


    (https://www.cybervie.com)

    The IP address is usually hidden carefully by using URL shortener services to change the URL so
    that it is better hidden and then sent in urgent-sounding emails or text messages.

    Go to browser and type http://yourIP (eg: http://192.168.0.108) Note: I am writing this


    article from Maharashtra, India hence Facebook is in the native language Marathi.

    If an unsuspecting user fills in their details and clicks on ‘Log In’, the fake page takes them to the
    actual Facebook login page. Usually, people tend to pass it off as a glitch in FB or an error in their
    typing.

    Finally, reap the benefits. Go to /var/www/html and you can see the harvester file created
    there.

    https://www.cybervie.com/blog/phishing-attack-using-kali-linux/ 4/8
    8/22/2021 1 new message


    (https://www.cybervie.com)

    Hope this guide gave you a basic idea of how phishing attacks work.

    Phishing is constantly evolving to entrap innocent computer users. Recommended safety tips will
    be to always check the URL of a website in the browser and use two-factor authentication as it
    provides an extra security layer to your account.

    https://www.youtube.com/watch?v=3pzPakMWoBY

    See the video tutorial here

    About Cybervie
    Cybervie provides best cyber security training program in hyderabad, India.This cyber security course
    enables you to detect vulnerablities of a system, wardoff attacks and manage emergency situations.
    Taking a proactive approach to security that can help organisations to protect their data, Cybervie has
    designed its training module based on the cyber security industry requirements with three levels of
    training in both offensive and defensive manner, and use real time scenarios which can help our
    students to understand the market up-to its standard certification which is an add on advantage for our
    students to stand out of competition in an cyber security interview.

    More Info – Click Here (https://www.cybervie.com/aboutus/)

       

    Recent Posts
    Understanding Diavol – Ransomware Used By Wizard Spider
    (https://www.cybervie.com/blog/understanding-diavol-ransomware-used-by-
    wizard-spider/)
    Read More » (https://www.cybervie.com/blog/understanding-diavol-ransomware-used-by-wizard-

    spider/)

    (https://www.cybervie.com/blog/understanding-
    diavol
    https://www.cybervie.com/blog/phishing-attack-using-kali-linux/ 5/8
    8/22/2021 1 new message
    diavol-
    ransomware-used-
    by-wizard-spider/)

    Cyber Kill Chain | Attacker’s and Defender’s Perspective
    (https://www.cybervie.com)
    (https://www.cybervie.com/blog/cyber-kill-chain-attackers-and-defenders-
    perspective/)
    Read More » (https://www.cybervie.com/blog/cyber-kill-chain-attackers-and-defenders-perspective/)

    (https://www.cybervie.com/blog/cyber-
    kill-chain-
    attackers-and-
    defenders-
    perspective/)

    Wannacry Ransomware: Malware that Crippled the World


    (https://www.cybervie.com/blog/wannacry-ransomware-malware-that-
    crippled-the-world/)
    Read More » (https://www.cybervie.com/blog/wannacry-ransomware-malware-that-crippled-the-

    world/)

    (https://www.cybervie.com/blog/wannacry-
    ransomware-
    malware-that-
    crippled-the-
    world/)

    The Cyber-Pandemic: A Panic Situation An Opportunity


    (https://www.cybervie.com/blog/cybersecurity-risks-in-a-pandemic/)
    Read More » (https://www.cybervie.com/blog/cybersecurity-risks-in-a-pandemic/)

    (https://www.cybervie.com/blog/cybersecurity-
    risks-in-a-
    pandemic/)

    Dark Web – A Comprehensive Guide (https://www.cybervie.com/blog/dark-


    web-links/)
    Read More » (https://www.cybervie.com/blog/dark-web-links/)

    (https://www.cybervie.com/blog/dark-
    web-links/)

    Follow Us on Youtube

    Is coding really required to learn Cyber Secu…


    Secu…

    https://www.cybervie.com/blog/phishing-attack-using-kali-linux/ 6/8
    8/22/2021 1 new message

    Cyber Security Training Program 2020 


    (https://www.cybervie.com)
    Cyber security Course offered by Cybervie prepares students for a path of success in a highly

    demanding and rapidly growing field of cyber security. The course is completely designed with
    an adaptable mindset, where the program allows the student to complete the course work at
    their own pace while being able to complete weekly assignments. Hence, also making it
    convenient for busy working professionals to pursue the training to help them advance their
    career in cyber security.

    Cybervie has designed the training module based on the cyber security industry requirements in
    both offensive and defensive manner, using real time scenarios which help our students to
    understand the market standards.

    VISIT PROGRAM 
    (HTTPS://WWW.CYBERVIE.COM/CYBER-SECURITY-TRAINING-PROGRAM/)

    Sign Up For Our Newsletter

    Email

    Send

    Interested in Cyber Security Training Program 2020 – Click Here (https://www.cybervie.com/cyber-security-


    training-program-2020/)

    Get in Touch! Now.

    Name

    Email

    Phone

    Query

    I'm not a robot


    reCAPTCHA
    Privacy - Terms

    Submit

    Academy

     Cyber Security Training Program 2020(https://www.cybervie.com/cyber-security-training-program-2020/)


     Events - Ethical Hacking Workshops(https://www.cybervie.com/trainings/ethical-hacking-workshop/)
     Cyber Security Blog - Knowledge Base(https://www.cybervie.com/blog/)

    https://www.cybervie.com/blog/phishing-attack-using-kali-linux/ 7/8
    8/22/2021 1 new message
    Service

     Web Application Security - VAPT(https://www.cybervie.com/web-application-security-vapt/)



     Security As A Service - SAAS(https://www.cybervie.com/service/security-as-a-service/)
     Insider Threat Protection(https://www.cybervie.com/service/insider-threat/)
    (https://www.cybervie.com)
     Cyber Security Awareness for Employees(https://www.cybervie.com/service/cyber-security-awareness/)
    Company

     About Us(https://www.cybervie.com/about-us/)
     Privacy Policy(https://www.cybervie.com/privacy-policy/)
     Terms of Service(https://www.cybervie.com/terms-and-conditions/)
     Sitemaps(https://www.cybervie.com/sitemap_index.xml)
     Careers(https://www.cybervie.com/hire-professionals-through-cybervie/)

    Contact Us

     info(@)cybervie.com(mailto:info@cybervie.com)
     +91 9000 878 798(tel:919000878798)
     +91 9704 260 305(tel:919704260305)
     Live Support(https://tawk.to/chat/59d62f534854b82732ff3c9b/default)

    Office Address

    Hyderabad India - MCR Complex, Plot no-891,#202, Rd Number 48, SBH Officers Colony, Mega Hills,

    Madhapur, Hyderabad, Telangana 500081.
    (htt
     Sydney Australia - Cybervie 2/4 eastbourne road homebush
    ps:/ west NSW 2140 Australia.
    (htt
    ps:/ (htt (htt /api
    ps:/ .wh
     US - Cybervie 14621 Juventus St Charlotte,/ww ps:/Carolina
    North 28277-4117 United States.
    w.fa /twi /ww atsa
    ceb tter. w.in pp.c
    ook. co stag om/
     co m/I ram sen
    m/c nfo .co d?
    ybe Cyb m/c pho
    rviei ervi ybe ne=
    ndi e) rvie 919
    a/) _/) 000
    878
    798)
    © 2021 Ionots Technologies Pvt.Ltd | All Rights Reserved. (https://www.cybervie.com)

    https://www.cybervie.com/blog/phishing-attack-using-kali-linux/ 8/8

    You might also like