Hands-On Guide: Social Engineering Toolkit (SET): Lesson 1

A tutorial on hacking Facebook by spoofing its login website with the SET toolkit on BackTrack.

  1. What is the Social-Engineering Toolkit (SET)
    • The Social-Engineering Toolkit (SET) is a Python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing.
    • Its main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
    • The Social-Engineering Toolkit is available on BackTrack 5 and Kali Linux (BackTrack 6), as well as BackBox, Blackbuntu, GnackTrack and other Linux distributions that are used for penetration testing.
  2. This tutorial is for learning, research or penetration testing purposes only. Do not use it to commit acts that violate information security law, or against networks and targets that you are not authorized to test.

Section 1. Configure BackTrack Virtual Machine Settings
  1. Open Your VMware Player
    • Instructions:
      1. On Your Host Computer, Go To
      2. Start –> All Program –> VMWare –> VMWare Player
  2. Edit BackTrack Virtual Machine Settings
    • Instructions:
      1. Highlight BackTrack5R1
      2. Click Edit virtual machine settings
  3. Edit Network Adapter
    • Instructions:
      1. Highlight Network Adapter
      2. Select Bridged
      3. Do not Click on the OK Button.

Section 2. Login to BackTrack
  1. Start BackTrack VM Instance
    • Instructions:
      1. Start Up VMWare Player
      2. Select BackTrack5R1
      3. Play virtual machine
  2. Login to BackTrack
    • Instructions:
      1. Login: root
      2. Password: toor or <whatever you changed it to>.
  3. Bring up the GNOME
    • Instructions:
      1. Type startx

Section 3. Open Console Terminal and Retrieve IP Address
  1. Open a console terminal
    • Instructions:
      1. Click on the console terminal
  2. Get IP Address
    • Instructions:
      1. ifconfig -a
    • Notes(FYI):
      • As indicated below, my IP address is 192.168.1.105.
      • Please record your IP address.

Section 4. Start the Social Engineering ToolKit
  1. Start Social Engineering ToolKit
    • Instructions:
      1. cd /pentest/exploits/set
      2. ./set
  2. Website Attack Vector
    • Instructions:
      1. Select 2
  3. Select Credential Harvester Method
    • Instructions:
      1. Select 3
  4. Select Site Cloner
    • Instructions:
      1. Select 2
  5. Enter URL to Clone
    • Instructions:
      1. http://www.facebook.com
  6. Website Cloning
    • Instructions:
      1. Press the <Enter> key
      2. *** Read the Below Notes ***
      3. Then Continue to the next Section.
    • Note(FYI):
      • Now you have created a cloned facebook login webpage that is listening on port 80.
      • For non-educated Internet users, maybe you could send them an email saying check out the new Facebook website.
      • In my case, the website address would be http://192.168.1.105
      • In your case, replace 192.168.1.105 with the IP address you obtained in Section 3, Step 2.
      • Once the victim clicks on your cloned website their login and password credentials will be displayed below.

Section 5. Start Up Windows Machine
  • Social Engineering Note
    • The Victim does not have to use the below VMware Instance.
    • It can be any type of web browser (i.e., Internet Explorer, Firefox, Chrome, etc) for any type of Operating System (Windows, Linux, MacOS, etc).
    • Imagine an attacker sending an email to the victim that reads, “Hey Check out the new beta version of facebook”, or whatever website that was cloned.
  1. Start Up Damn Vulnerable WXP-SP2.
    • Instructions: (copy this virtual machine from the source provided by the instructor)
      1. Click on Damn Vulnerable WXP-SP2
      2. Click on Edit virtual machine Settings
    • Note(FYI):
      • For those of you not part of my class, this is a Windows XP machine running SP2.
  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Network Adapter
      2. Click on the Bridged Radio button
      3. Click on the OK Button
  3. Play Virtual Machine
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Click on Play virtual machine
  4. Logging into Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Username: administrator
      2. Password: Use the Class Password or whatever you set it.
  5. Open a Command Prompt
    • Instructions:
      1. Start –> All Programs –> Accessories –> Command Prompt
  6. Obtain Damn Vulnerable WXP-SP2’s IP Address
    • Instructions:
      1. ipconfig
    • Note(FYI):
      • In my case, Damn Vulnerable WXP-SP2’s IP Address is 192.168.1.116.
      • This is the IP Address of the Victim Machine that will be attacked by Metasploit.
      • Record your Damn Vulnerable WXP-SP2’s IP Address.
Section 6. Start Up a Web Browser
  1. Start Up Internet Explorer
    • Instructions:
      1. Start –> All Programs –> Internet Explorer
  2. Victim Clicks on Link
    • Note(FYI):
      • Replace 192.168.1.105 with BackTrack’s IP Address obtained from (Section 3, Step 2).
    • Instructions:
      1. Place the BackTrack IP in the Address Bar.
        • In my case, http://192.168.1.105
      2. Provide a test UserID.
      3. Provide a test Password.
      4. Click Login.
  3. Analyzing Results After Login
    • Instructions:
      1. Notice that the Address URL changed to Facebook.
        • This is to give the victim a sense of perhaps a failed login attempt instead of invoking suspicion and alarm.
      2. Notice the Email textbox is populated with the login you previously supplied to the cloned webpage.
      3. Continue to the next section to see the victim’s username and password.
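
The behaviour noted in Section 6, Step 3 (credentials posted to the cloned page, then the browser sent on to the real site) leaves a recognisable trace in web-proxy logs. The following detection check is an added example, not part of the original lab or of SET; the log format, the WATCHED list, the function names and the sample lines are constructed assumptions.

```python
import ipaddress
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed proxy log (assumed format: time client method URL).
SAMPLE_LOG = """\
2012-03-18T13:01:55 192.168.1.116 GET http://192.168.1.105/
2012-03-18T13:02:08 192.168.1.116 POST http://192.168.1.105/
2012-03-18T13:02:09 192.168.1.116 GET http://www.facebook.com/
2012-03-18T13:05:00 192.168.1.120 POST https://www.facebook.com/login
2012-03-18T13:05:01 192.168.1.120 GET https://www.facebook.com/home
"""

WATCHED = ("facebook.com", "linkedin.com")  # assumed list of login brands


def is_ip_literal(host):
    """True when the URL host is a bare IP address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def brand_of(host):
    """Return the watched domain that host belongs to, or None."""
    return next((d for d in WATCHED if host == d or host.endswith("." + d)), None)


def find_harvest_bounces(log_text, window=timedelta(seconds=10)):
    """Flag clients that POST over plain HTTP to an IP-literal host and are
    sent to a watched brand's real site within `window`."""
    pending, alerts = {}, []  # pending: client -> (time, host) of the POST
    for line in filter(str.strip, log_text.splitlines()):
        ts, client, method, url = line.split()
        when, parts = datetime.fromisoformat(ts), urlsplit(url)
        host = parts.hostname or ""
        if method == "POST" and parts.scheme == "http" and is_ip_literal(host):
            pending[client] = (when, host)
        elif method == "GET" and brand_of(host) and client in pending:
            posted_at, src = pending.pop(client)
            if when - posted_at <= window:
                alerts.append((client, src, brand_of(host)))
    return alerts


if __name__ == "__main__":
    for client, src, brand in find_harvest_bounces(SAMPLE_LOG):
        print(f"{client}: form POST to http://{src}/ then redirect to {brand}")
```

The second client in the sample posts over HTTPS to the brand's own domain and is not flagged; only the POST to the bare IP address followed by the jump to the real site is reported.
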
Section 7. View Victim’s Username and Password
  1. Viewing Victim’s Username and Password
    • Instructions:
      1. Make sure you switch over to BackTrack
      2. Notice that now you have data showing the victim’s username and password.
        • Let’s say you sent this cloned link to many victims and left SET running for a while; you will see a lot of username and password combinations.
      3. To Exit, press the <Ctrl> and “c” key at the same time.
  2. Copy Report Link
    • Instructions:
      1. Highlight the XML link
      2. Right Click
      3. Click on Copy
      4. Press Enter
  3. Exit Web Attack Menu
    • Instructions:
      1. Type 99
      2. Press <Enter>
  4. Exit Web Attack Menu
    • Instructions:
      1. Type 99
      2. Press <Enter>
  5. Exit Web Attack Menu
    • Instructions:
      1. cat "reports/2012-03-18 13:02:08.167118.xml"
        • Note: In your case, this is the report created in Step 2 of this Section.
      2. Notice the Victim’s Login Credentials

Section 8. Proof of Lab
  1. Proof of Lab
    • Instructions:
      1. Clone http://www.linkedin.com
        • (See Section 5)
        • For the Victim Login use the following address
          • first.last@victim.com
          • E.g., john.gray@victim.com
      2. cat the log you created for the cloned linkedin website.
        • (See Section 6, Step 5)
      3. date
      4. echo "Your Name"
        • e.g., echo "DNSSP"
    • Proof of Lab Instructions:
      1. Do a Print Screen using the <PrtScn> button.
      2. Paste into a word document.
      3. Email to AnToanThongTin.Edu.Vn@Gmail.Com

 

  
