Hướng Dẫn Thực Hành : Social Engineering Toolkit (SET): Lesson 1

Bài hướng dẫn hack Facebook thông qua cơ chế giả mạo website đăng nhập với bộ công cụ SET trên Back Track.

  1. What is the Social-Engineering Toolkit (SET)
    • The Social-Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing.
    • It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
    • Social-Engineering toolkit available on backtrack like on Kali Linux (backtrack 6), backtrack 5, backbox, blackbuntu, Gnacktrack and other Linux distribution that are used for penetration testing.
  2. Bài hướng dẫn chỉ dùng cho mục đích học tập, nghiên cứu hay Penetration Test. Không áp dụng để thực hiện các hành vi vi phạm pháp luật về an toàn thông tin hay tiến hành trên các hệ thống mạng và mục tiêu mà các bạn không có thẩm quyền.  
Section 1. Configure BackTrack Virtual Machine Settings
  1. Open Your VMware Player
    • Instructions:
      1. On Your Host Computer, Go To
      2. Start –> All Program –> VMWare –> VMWare Player
  2. Edit BackTrack Virtual Machine Settings
    • Instructions:
      1. Highlight BackTrack5R1
      2. Click Edit virtual machine settings
  3. Edit Network Adapter
    • Instructions:
      1. Highlight Network Adapter
      2. Select Bridged
      3. Do not Click on the OK Button.

Section 2. Login to BackTrack
  1. Start BackTrack VM Instance
    • Instructions:
      1. Start Up VMWare Player
      2. Select BackTrack5R1
      3. Play virtual machine
  2. Login to BackTrack
    • Instructions:
      1. Login: root
      2. Password: toor or <whatever you changed it to>.
  3. Bring up the GNOME
    • Instructions:
      1. Type startx

Section 3. Open Console Terminal and Retrieve IP Address
  1. Open a console terminal
    • Instructions:
      1. Click on the console terminal
  2. Get IP Address
    • Instructions:
      1. ifconfig -a
    • Notes(FYI):
      • As indicated below, my IP address is
      • Please record your IP address.

Section 4. Start the Social Engineering ToolKit
  1. Start Social Engineering ToolKit
    • Instructions:
      1. cd /pentest/exploits/set
      2. ./set
  2. Website Attack Vector
    • Instructions:
      1. Select 2
  3. Select Credential Harvester Method
    • Instructions:
      1. Select 3
  4. Select Site Cloner
    • Instructions:
      1. Select 2
  5. Enter URL to Clone
    • Instructions:
      1. http://www.facebook.com
  6. Website Cloning
    • Instructions:
      1. Press the <Enter> key
      2. *** Read the Below Notes ***
      3. Then Continue to the next Section.
    • Note(FYI):
      • Now you have created a cloned facebook login webpage that is listening on port 80.
      • For non-educated Internet users, may be you could send them an email saying check out the new facebook website.
      • In my case, the website address would be
      • In your case, replace with the IP address you obtained in Section 3, Step 2.
      • Once the victim clicks on your cloned website their login and password credentials will be displayed below.

Section 5. Start Up Windows Machine
  • Social Engineering Note
    • The Victim does not have to use the below VMware Instance.
    • It can be any type of web browser (i.e., Internet Explorer, Firefox, Chrome, etc) for any type of Operating System (Windows, Linux, MacOS, etc).
    • Image an attacker sending an email to the victim that reads, “Hey Check out the new beta version of facebook”, or whatever website that was cloned.
  1. Start Up Damn Vulnerable WXP-SP2.
    • Instructions: (copy máy ảo này từ source do giáo viên cung cấp)
      1. Click on Damn Vulnerable WXP-SP2
      2. Click on Edit virtual machine Settings
    • Note(FYI):
      • For those of you not part of my class, this is a Windows XP machine running SP2.
  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Network Adapter
      2. Click on the Bridged Radio button
      3. Click on the OK Button
  3. Play Virtual Machine
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Click on Play virtual machine
  4. Logging into Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Username: administrator
      2. Password: Use the Class Password or whatever you set it.
  5. Open a Command Prompt
    • Instructions:
      1. Start –> All Programs –> Accessories –> Command Prompt
  6. Obtain Damn Vulnerable WXP-SP2’s IP Address
    • Instructions:
      1. ipconfig
    • Note(FYI):
      • In my case, Damn Vulnerable WXP-SP2’s IP Address
      • This is the IP Address of the Victim Machine that will be attacked by Metasploit.
      • Record your Damn Vulnerable WXP-SP2’s IP Address.
Section 6. Start Up a Web Browser
  1. Start Up Internet Explorer
    • Instructions:
      1. Start –> All Programs –> Internet Explorer
  2. Victim Clicks on Link
    • Note(FYI):
      • Replace with BackTrack’s IP Address obtain from  (Section 3, Step 2).
    • Instructions:
      1. Place the BackTrack IP in the Address Bar.
        • In my case,
      2. Provide a test UserID.
      3. Provide a test Password.
      4. Click Login.
  3. Analyzing Results After Login
    • Instructions:
      1. Notice that the Address URL changed to Facebook.
        • This is to give the victim a sense of perhaps a failed login attempt instead of invoking suspicion and alarm.
      2. Notice the Email textbox is populated with the Login you previous supplied to Cloned Webpage.
      3. Continue to the next section to see the victim’s username and password.
Section 7. View Victim’s Username and Password
  1. Viewing Victim’s Username and Password
    • Instructions:
      1. Make sure you switch over to BackTrack
      2. Notice that now you have data showing the victim’s username and password.
        • Let’s say you sent this cloned link to many victim’s and left SET run for a while, you will see a lot of username and password combinations.
      3. To Exit, press the <Ctrl> and “c” key at the same time.
  2. Copy Report Link
    • Instructions:
      1. Highlight the XML link
      2. Right Click
      3. Click on Copy
      4. Press Enter
  3. Exit Web Attack Menu
    • Instructions:
      1. Type 99
      2. Press <Enter>
  4. Exit Web Attack Menu
    • Instructions:
      1. Type 99
      2. Press <Enter>
  5. Exit Web Attack Menu
    • Instructions:
      1. cat “reports/2012-03-18 13:02:08.167118.xml”
        • Note: In your case, this is the report created in Step 2 or this Section.
      2. Notice the Victim’s Login Credentials

Section 7. Proof of Lab
  1. Proof of Lab
    • Instructions:
      1. Clone http://www.linkedin.com
        • (See Section 5)
        • For the Victim Login use the following address
          • first.last@victim.com
          • E.g., john.gray@victim.com
      2. cat the log you created for the cloned linkedin website.
        • (See Section 6, Step 5)
      3. date
      4. echo “Your Name”
        • e.g., echo “DNSSP”
    • Proof of Lab Instructions:
      1. Do a Print Screen using the <PrtScn> button.
      2. Paste into a word document.
      3. Email to AnToanThongTin.Edu.Vn@Gmail.Com