ComputerSecurityStudent (CSS) [Login] [Join Now]

|UNIX >> BackTrack >> BackTrack 5 R1 >> Current Page |Views: 230080

(Social Engineering Toolkit (SET): Lesson 1)

{ Clone website to gain victim's passwords }

Section 0. Background Information
  1. What is the Social-Engineering Toolkit (SET)
    • The Social-Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing.
    • It's main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
    • Social-Engineering toolkit available on backtrack like on backtrack 5, backbox, blackbuntu, Gnacktrack and other Linux distribution that are used for penetration testing.

  2. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • Your are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2012 No content replication of any kind is allowed without express written permission.


Section 1. Configure BackTrack Virtual Machine Settings
  1. Open Your VMware Player
    • Instructions:
      1. On Your Host Computer, Go To
      2. Start --> All Program --> VMWare --> VMWare Player


  2. Edit BackTrack Virtual Machine Settings
    • Instructions:
      1. Highlight BackTrack5R1
      2. Click Edit virtual machine settings


  3. Edit Network Adapter
    • Instructions:
      1. Highlight Network Adapter
      2. Select Bridged
      3. Do not Click on the OK Button.


Section 2. Login to BackTrack
  1. Start BackTrack VM Instance
    • Instructions:
      1. Start Up VMWare Player
      2. Select BackTrack5R1
      3. Play virtual machine


  2. Login to BackTrack
    • Instructions:
      1. Login: root
      2. Password: toor or <whatever you changed it to>.


  3. Bring up the GNOME
    • Instructions:
      1. Type startx


Section 3. Open Console Terminal and Retrieve IP Address
  1. Open a console terminal
    • Instructions:
      1. Click on the console terminal


  2. Get IP Address
    • Instructions:
      1. ifconfig -a
    • Notes(FYI):
      1. As indicated below, my IP address is
      2. Please record your IP address.
      3. If you don't obtain an IP Address, type "dhclient".


Section 4. Start the Social Engineering ToolKit
  1. Start Social Engineering ToolKit
    • Instructions:
      1. cd /pentest/exploits/set
      2. ./set


  2. Website Attack Vector
    • Instructions:
      1. Select 2


  3. Select Credential Harvester Method
    • Instructions:
      1. Select 3


  4. Select Site Cloner
    • Instructions:
      1. Select 2


  5. Enter URL to Clone
    • Instructions:
      2. Press <Enter>


  6. Website Cloning
    • Instructions:
      1. It might take a few minutes to clone the site.
      2. Just Press <Enter>
      3. Then Continue to the Next Section to text this exploit.
    • Note(FYI):
      1. Now you have created a cloned facebook login webpage that is listening on port 80.


Section 5. Start Up Windows Machine
  • Social Engineering Note
    • The Victim does not have to use the below VMware Instance.
    • It can be any type of web browser (i.e., Internet Explorer, Firefox, Chrome, etc) for any type of Operating System (Windows, Linux, MacOS, etc).
    • Image an attacker sending an email to the victim that reads, "Hey Check out the new beta version of facebook", or whatever website that was cloned.
  1. Start Up Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Click on Edit virtual machine Settings
    • Note(FYI):
      • For those of you not part of my class, this is a Windows XP machine running SP2.


  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Network Adapter
      2. Click on the Bridged Radio button
      3. Click on the OK Button


  3. Play Virtual Machine
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Click on Play virtual machine


  4. Logging into Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Username: administrator
      2. Password: Use the Class Password or whatever you set it.


  5. Open a Command Prompt
    • Instructions:
      1. Start --> All Programs --> Accessories --> Command Prompt


  6. Obtain Damn Vulnerable WXP-SP2's IP Address
    • Instructions:
      1. ipconfig
    • Note(FYI):
      1. In my case, Damn Vulnerable WXP-SP2's IP Address
      2. This is the IP Address of the Victim Machine that will be attacked by Metasploit.
      3. Record your Damn Vulnerable WXP-SP2's IP Address.


Section 6. Start Up a Web Browser
  1. Start Up Internet Explorer
    • Instructions:
      1. Start --> All Programs --> Internet Explorer


  2. Victim Clicks on Link
    • Note(FYI):
      • Replace with BackTrack's IP Address obtain from  (Section 3, Step 2).
    • Instructions:
      1. Place the BackTrack IP in the Address Bar.
        • In my case,
      2. Provide a test UserID.
      3. Provide a test Password.
      4. Click Login.


  3. Analyzing Results After Login
    • Instructions:
      1. Notice that the Address URL changed to Facebook.
        • This is to give the victim a sense of perhaps a failed login attempt instead of invoking suspicion and alarm.
      2. Notice the Email textbox is populated with the Login you previous supplied to Cloned Webpage.
      3. Continue to the next section to see the victim's username and password.


Section 7. View Victim's Username and Password
  1. Viewing Victim's Username and Password
    • Instructions: (On BackTrack)
      1. Notice that now you have data showing the victim's username and password.
        • Let's say you sent this cloned link to many victim's and left SET run for a while, you will see a lot of username and password combinations.
      2. To Exit, press the <Ctrl> and "c" key at the same time.


  2. Copy Report Link
    • Instructions:
      1. Highlight the XML link and Right Click
      2. Click on Copy
      3. Press <Enter>


  3. Exit Web Attack Menu
    • Instructions:
      1. Type 99
      2. Press <Enter>


  4. Exit Web Attack Menu
    • Instructions:
      1. Type 99
      2. Press <Enter>


  5. Exit Web Attack Menu
    • Instructions:
      1. cat "reports/2014-02-08 05:10:21.784846.xml"
        • Note: In your case, this is the report created in Step 2 or this Section.
      2. Notice the Victim's Login Credentials
    • Notes(FYI):
      1. Make sure you put quotes(") around your file name.


Section 7. Proof of Lab
  1. Proof of Lab
    • Instructions:
      1. Clone
        • (See Section 5)
        • For the Victim Login use the following address
          • E.g.,
      2. cat the log you created for the cloned linkedin website.
        • (See Section 6, Step 5)
      3. date
      4. echo "Your Name"
        • e.g., echo "John Gray"
    • Proof of Lab Instructions:
      1. Do a Print Screen using the <PrtScn> button.
      2. Paste into a word document.
      3. Upload to Moodle.

Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth