Hello guy's Welcome to another article In this article we are going to discuss about Credential Harvester Attack method in this method you can make any website as a phishing page.
What is Credential Harvester method?
The Credential Harvester method will utilize web cloning of a web- site that has a username and password field and harvest all the information posted to the website.Step 1: Choose Credential Harvester method
First you type this below command this command will help you to open setookit in your terminal.
sudo setoolkit
Once you open setoolkit tool in your terminal choose first option 1. Social -Engineering Attack Now you can see 10 module but you choose 2nd option website attack vector In this place you can see Credential harvester Attack Method option just choose it.
Step 2: Create Phishing page
Once you choose Credential harvesting method in your terminal you can see this below 3 option.
1. web Templates
- This is first method will allow SET to import a list of pre-defined web applications that it can utilize within the attack.
- This is second method will completely clone a website of your choosing and allow you to utilize the attack vectors within the completely same web application you were attempting to clone.
- The third method allows you to import your own website, note that you should only have an index.html when using the import website functionality.
Now you can choose 2nd option site cloner
Step 3: Create Phishing Page
--- * IMPORTANT * READ THIS BEFORE ENTERING IN THE IP ADDRESS * IMPORTANT * ---
The way that this works is by cloning a site and looking for form fields to rewrite. If the POST fields are not usual methods for posting forms this could fail. If it does, you can always save the HTML, rewrite the forms to be standard forms and use the "IMPORT" feature. Additionally, really
Important:
If you are using an EXTERNAL IP ADDRESS, you need to place the EXTERNAL IP address below, not your NAT address. Additionally, if you don't know basic networking concepts, and you have a private IP address, you will need to do port forwarding to your NAT IP address from your external IP
address. A browser doesns't know how to communicate with a private IP address, so if you don't specify an external IP address if you are using this from an external perpective, it will not work. This isn't a SET issue this is how networking works.
address. A browser doesns't know how to communicate with a private IP address, so if you don't specify an external IP address if you are using this from an external perpective, it will not work. This isn't a SET issue this is how networking works.
Once you choose IP address then you choose your target website see this below image.
Step 4: victim view
Now you send your ip address to victim if your victim click that ip address that will be show this below image.
Now if your victim type any data on this page means you get immediately in your terminal see this below images.
from ErrorsFind https://ift.tt/3ffF3zq
via news
This is dummy text. It is not meant to be read. Accordingly, it is difficult to figure out when to end it. But then, this is dummy text. It is not meant to be read. Period.
Related Post
Mass Mailer Attack - setoolkit tutorial Hello guy's welcome to another article in this article we are going to discuss about how to d
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography PacketWhisper
PacketWhisper - Stealthily Transfer Data & Defeat Attribution Using DNS Que
Rafel-Rat- New android hacking tool_Control victim phone fully Hello guy's in this article we are going to discuss about how to hack android phone with new 
CarbonCopy - creates a spoofed certificate of any online website Hello guy's, Welcome to another article in this article we are going to discuss about how to
ConversionConversion EmoticonEmoticon