Social Engineering

Social Engineering Toolkit – Credential Harvester Attack (Port-Forwarding)

Hey everybody, Today I’ll be talking about how hackers clone websites to steal passwords but instead of doing on your local network, i’m going to show you how you can do it to someone outside your local network.

This method works for any attack in SET.

Port Forwarding The Malicious Server

The first thing you need to do is open a command prompt and type in ipconfig.

Then you need to find the default gateway this will be the IP address you log in to your router with.

ipconfig

It should always end with 1.

Now you need to type that IP address into the browser and log in. you should get something like this, your router might be different…netgear_login

If you can’t login try the default passwords. Heres a good website to go to.

http://192-168-1-1ip.mobi/default-router-passwords-list/

Now go back to Kali and run SET (Social Engineering Toolkit) by typing in.

setoolkit

And bang through the steps again but instead of your local IP Address, you need to specify your external IP Address instead.SET_External

TIP: The credential harvester runs on port 80, just to let you know.

To get your public / external IP Address go to this website

http://www.whatismypublicip.com/

Now go back to your router and type in 80 in both Starting Port and Ending Port, also type in your local IP Address where it says Server IP Address.

router

Now use your social engineering skills to convince the person to type in your external IP Address, when they have typed it in, the website will appear, tell them to log in and you will harvest there username & password.

Resources:

To change the URL

https://tinyurl.com/

To find your public / external IP Address.

http://www.whatismypublicip.com/

To get a list of default passwords for different routers

http://192-168-1-1ip.mobi/default-router-passwords-list/

 

Please comment if you have any thoughts or ideas.

 

Leave a Reply