Hello all,
I read this thread yesterday: http://hackflag.org/t/phishing-site/4421
And thought this was a bit too much work for a phishing page. Hence here is a method that is a bit simpler (provided you have a Linux distro).
For this tutorial you will need a Linux Distro with the Social Engineering Toolkit installed (Kali Linux has this installed by default, which is what I am using in this tutorial).
This method will work for any website, but for it to work the website will need a login page (otherwise it won't be of much use).
Step 1. Open Social Engineering Toolkit
Open your Terminal by clicking the Terminal icon (if you have not customized it) at the top left of your desktop. This one looks something like this:
Now type setoolkit or se-toolkit (depending on your Distro version) for the latest version of Kali Linux type setoolkit. This screen should appear (may vary):
Step 2. Making choices
As you just saw in the screenshot, you can now choose from a number of choices. What we need for this tutorial is number 1, the Social-Engeneering Attacks. So type “1” and press Enter. Now a list of options from which you can choose should appear again. We need the 2nd of these and that is the “Website Attack Vectors” option, so type “2” and press Enter. Now another list of options will appear and we need the 3rd one, which is the “Credential Harvester Attack Method” with which we demonstrate that we want to obtain login information. So type “3” and press the Enter key again. Now the last screen appears and we need number 2, the “Site Cloner”. This allows us to clone/duplicate websites.
Please note: More options may have been added by the time you read this, so the numbers may change. So pay close attention to which options you should use.
In short: 1, 2, 3, 2
Step 3. Configure the phishing page
Now we are going to configure all the settings. First you will be asked to enter your IP address.
In Kali Linux you can get that by opening a new tab or a new Terminal and typing “ifconfig” and then grabbing your “inet address”. (Go down if you want it to work on a WAN).
Now enter your IP and press Enter.
You should now be asked to enter a URL. Here you enter the website you want to clone, I will use Facebook for this tutorial. But this works with all websites. So I enter Facebook.com .
If all goes well, after you press Enter, you will see cloning “ website.com/login.php 1” or something similar and then you will be asked if you want to continue because “Apache” may not be enabled, then type “y” and press Enter.
And if everything went well, you will now see something like this:
Step 4. Testing
If all goes well, you still have your IP under your CTRL+C, if not, just do that and paste it into your browser and go there. Now you will see that you are on the page you cloned. Just enter a username and password here to test it and press login.
Now go to the location where the created files were created. By default this is Computer>filesystem>var>www here you will see a harvester file, a post.php and an index.html.
The harvester file contains all logs, so open it and you should see something like this:
And as you can see, the username and password I entered on the page with all kinds of information.
The post.php file ensures that the information is placed in the harvester file and the index.html is the page that you have cloned.
How do I do this on a WAN?
This is basically the same on a WAN. However, you do have to port forward and use your WAN IP (external IP address), which you can find on watismijnip.nl. Furthermore, the steps are fairly self-explanatory.
Quick version
Open Terminal
Start settoolkit
Options: 1, 2, 3, 2
IPv4 or WAN IP
URL you want to clone
type “y” and press Enter
Browse to the IP address you entered
The logs are in Computer>filesystem>var>www >harvesterblablabla.txt
I hope you learned something from this. I don't want to help you learn illegal things but now you know a bit about how the setoolkit works. I would say, get some other options, there are enough!
I read this thread yesterday: http://hackflag.org/t/phishing-site/4421
And thought this was a bit too much work for a phishing page. Hence here is a method that is a bit simpler (provided you have a Linux distro).
For this tutorial you will need a Linux Distro with the Social Engineering Toolkit installed (Kali Linux has this installed by default, which is what I am using in this tutorial).
This method will work for any website, but for it to work the website will need a login page (otherwise it won't be of much use).
Step 1. Open Social Engineering Toolkit
Open your Terminal by clicking the Terminal icon (if you have not customized it) at the top left of your desktop. This one looks something like this:
Now type setoolkit or se-toolkit (depending on your Distro version) for the latest version of Kali Linux type setoolkit. This screen should appear (may vary):
Step 2. Making choices
As you just saw in the screenshot, you can now choose from a number of choices. What we need for this tutorial is number 1, the Social-Engeneering Attacks. So type “1” and press Enter. Now a list of options from which you can choose should appear again. We need the 2nd of these and that is the “Website Attack Vectors” option, so type “2” and press Enter. Now another list of options will appear and we need the 3rd one, which is the “Credential Harvester Attack Method” with which we demonstrate that we want to obtain login information. So type “3” and press the Enter key again. Now the last screen appears and we need number 2, the “Site Cloner”. This allows us to clone/duplicate websites.
Please note: More options may have been added by the time you read this, so the numbers may change. So pay close attention to which options you should use.
In short: 1, 2, 3, 2
Step 3. Configure the phishing page
Now we are going to configure all the settings. First you will be asked to enter your IP address.
In Kali Linux you can get that by opening a new tab or a new Terminal and typing “ifconfig” and then grabbing your “inet address”. (Go down if you want it to work on a WAN).
Now enter your IP and press Enter.
You should now be asked to enter a URL. Here you enter the website you want to clone, I will use Facebook for this tutorial. But this works with all websites. So I enter Facebook.com .
If all goes well, after you press Enter, you will see cloning “ website.com/login.php 1” or something similar and then you will be asked if you want to continue because “Apache” may not be enabled, then type “y” and press Enter.
And if everything went well, you will now see something like this:
Step 4. Testing
If all goes well, you still have your IP under your CTRL+C, if not, just do that and paste it into your browser and go there. Now you will see that you are on the page you cloned. Just enter a username and password here to test it and press login.
Now go to the location where the created files were created. By default this is Computer>filesystem>var>www here you will see a harvester file, a post.php and an index.html.
The harvester file contains all logs, so open it and you should see something like this:
And as you can see, the username and password I entered on the page with all kinds of information.
The post.php file ensures that the information is placed in the harvester file and the index.html is the page that you have cloned.
How do I do this on a WAN?
This is basically the same on a WAN. However, you do have to port forward and use your WAN IP (external IP address), which you can find on watismijnip.nl. Furthermore, the steps are fairly self-explanatory.
Quick version
Open Terminal
Start settoolkit
Options: 1, 2, 3, 2
IPv4 or WAN IP
URL you want to clone
type “y” and press Enter
Browse to the IP address you entered
The logs are in Computer>filesystem>var>www >harvesterblablabla.txt
I hope you learned something from this. I don't want to help you learn illegal things but now you know a bit about how the setoolkit works. I would say, get some other options, there are enough!