Social Engineering: The Most Powerful Hack
Social engineering has been mentioned a few times here on Null Byte, but not many posts have explained what it is or how to do it. I love this quote because it's true:
Social Engineering is the key to carrying out client side attacks, and all you need is a little creativity!
OTW did a general tutorial on using SEToolkit, which by the way is a fantastic tool, so I would like to build on that.
SEToolkit is a program by TrustedSec that has many features, from stealing credentials to carrying out Metasploit payloads. If you don't have it already, go to TrustedSec's website for downloads.
Once you have installed SEToolkit, open up bash and type setoolkit. You will be presented with a question. I recommend answering "yes", but that's your choice. Next, you will be presented with a menu of options:
For this tutorial, we will use the Social-Engineering Attacks menu. Type 1 and press the [Enter] key to continue.
We will be greeted with a screen similar to this that has many different attacks.
I'll be guiding you through one of the most effective options: Website Attack Vectors. Pretty much everyone who has used a computer has used the Internet, and pretty much everyone on the Internet will click on a link (am I right?). Social engineering can play out on a social network like Facebook or Twitter, but it can also be as simple as, well, a link. SEToolkit helps you abuse the trust people have on the Internet, so not only do you have over 5 billion targets, but you can also recognize attacks like these.
Type 2 and press [Enter] to continue.
We now have a list of 7 different attack vectors, all very effective. The 3 most effective vectors are the Credential Harvester, Metasploit Browser, and Java Applet Attack. Let's say that you want to get your friend's Facebook login. By choosing Credential Harvester Attack Method, SEToolkit will copy any website you want and add a credential stealing code to the HTML. Let's do that, shall we?
If you go to Web Templates, you will find that SEToolkit has a Facebook login page template built into it. But first, let's enter our IP address for SEToolkit to report back to. You can use your external IP if you are doing this over the Internet. But make sure you port forward port 80 to your local IP.
After you enter your IP, you will be presented with some of SEToolkit's web templates. Because you want to get your friend's Facebook login, we should probably use the Facebook template...
Type 3 and press [Enter]. NOTE: You must have Apache installed. Kali and BackTrack come with it, but some other distros don't. If you don't have it yet, install it by typing sudo apt-get install apache2.
After you choose your template, you should get a screen like this:
Now that it's all ready to go, just send your friend an email with your IP address as the link, but disguise the text. For example: instead of sending "http://____yourIP____/" you would send "Facebook.com" with your IP embedded as the link.
Next we'll try to exploit web browsers/computers with SEToolkit and Metasploit.
C|H of C3