Wednesday, 15 December 2010

How To: Harvest Credentials, e.g. Facebook Account Hacked!

What is SET:

"The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the launch and has quickly become a standard tool in a penetration tester's arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test."

In the video I walk you through the selections to make to create your fake site ready for your victim. 
Without changing the config file, the server will run locally on your internal IP, for example 192.168.X.X. To get it working on your remote IP you will have to edit your config file, which I shall post in my next post as it isn't relevant here (my next post is going to be written straight after this!).
For the Credential Harvester to be successful, you need to clone a site that has username and password login fields, e.g. Facebook.
There is not much more to say: the victim connects to the site, thinks it's legit and logs in, and you get the credentials. The fake site is made to redirect the victim to the proper site after they think they have logged in.

To do this on a local network on the subnet, you can use ettercap's DNS spoofing to send your victims to your site. This can be done in the config file and/or the ettercap GUI/command line. (Editing the config file will be in my next post.) DNS spoofing will come soon.
My next post will be about doing this remotely using a DNS service like and I'll do a write-up of editing the config file.
Any questions, give me a buzz :)
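
From the defender's side, the behaviour described above (a login POST to the cloned site, then a redirect to the proper site) leaves a recognisable trace in web proxy logs. The following is an added example, not part of the original post or of SET; the log format, the `PROTECTED` list and the sample lines are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Domains whose login pages are being watched (assumed list for this example).
PROTECTED = ("facebook.com",)

# Constructed proxy log lines: client, method, URL, status, Location header ("-" if none).
SAMPLE_LOG = """\
10.0.0.21 GET http://192.168.1.50/ 200 -
10.0.0.21 POST http://192.168.1.50/ 302 https://www.facebook.com/
10.0.0.34 POST https://www.facebook.com/login.php 302 https://www.facebook.com/home.php
10.0.0.40 POST http://login-check.example/ 302 https://www.facebook.com/
10.0.0.41 POST http://intranet.example/form 200 -
"""

def under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def is_private(host):
    """True if host is a literal IP address in a private range."""
    try:
        return ipaddress.ip_address(host).is_private
    except ValueError:
        return False  # a hostname, not an IP literal

def find_harvest_redirects(log_text, protected=PROTECTED):
    """Flag POSTs to an unrelated host that are answered with a redirect into a protected domain."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        client, method, url, status, location = parts
        if method != "POST" or not status.startswith("3") or location == "-":
            continue
        post_host = urlsplit(url).hostname
        dest_host = urlsplit(location).hostname
        for domain in protected:
            # A genuine login posts to the protected domain and redirects within it.
            if under(dest_host, domain) and not under(post_host, domain):
                findings.append({
                    "client": client,
                    "posted_to": post_host,
                    "redirected_to": dest_host,
                    "private_ip": is_private(post_host or ""),
                })
    return findings
```

A hit with `private_ip` set to true corresponds to the default case in the post, where the cloned site is served from an internal 192.168.X.X address; the `client` field identifies the workstation whose user should reset their password.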


Anonymous said...

hi, i didn't know the link to download the SET...can u help me?
thanx a lot!

Security Exploiter said...

You can download SET using SVN.

svn co set/

●๋ •נ ι в ι η נ ι м● ๋• said...

What are the changes that are to be made in the config file?
How is port forwarding done in BackTrack?

