Hello guy's, Welcome to another article, In this article we are going to discuss about how use Spear phishing attack vector in setoolkit tool
What is Spear phishing attack vector?
Spear phishing attack vector is nothing but send targeted emails with malicious attachments
Requirements
Termux or Linux How to install setoolkit in termux
Spear phishing attack
First you open your terminal then type this below command this command will help you to run setoolkit in your terminal.
Once you choose social engineering attack vector you can see 10 module see this above picture now choose first option 1. Spear-Phishing Attack Vector
The Spearphishing module allows you to specially craft email messages and send them to a large (or small) number of people with attached fileformat malicious payloads. If you want to spoof your email address, be sure "Sendmail" is installed
So type this below command on your terminal
sudo sendmailconfigOnce you install sendmail config then start it so type this below command in your terminal
sudo service apache2 restartOnce you complete above all thinks you choose first option 1. Perform a Mass Email Attack
and when the user opens the file extension, will trigger the dll then ultimately our payload. During the time of this release, all of these file extensions were tested and appear to work and are not patched. This
will continiously be updated as time goes on.
Now Enter the choice of the file extension you want to attack
Now you set output file name and choose file format see this below image.
Now you choose email attack type mass or single
Once you choose email attack type now you choose email template
Once you type your victim email address this tool give two option to you if you have own server means choose 2nd option that's better or else choose 1st option use any fake email account but the email account have this following condition.
- Email account should not enable two way factor authentication
- Email account must be enabled less-secure-app
Once you complete this above all process your payload was sent to your victim once your victim click your payload. You can access your victim device remotely.
from ErrorsFind https://ift.tt/3pdtcDX
via news
ConversionConversion EmoticonEmoticon