O'Reilly logo

Kali Linux 2018: Assuring Security by Penetration Testing - Fourth Edition by Shakeel Ali, Tedi Heriyanto, Lee Allen, Gerard Johansen, Damian Boodoo, Alex Samm, Shiva V. N Parasram

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Credential-harvesting

In this attack, we'll be setting up a fake website of a known site. Our copy, however, will allow us to capture the credentials used by the user. To have the user visit our site, you'll need to deliver it via an email with a heading or subject line that will pique the user's interest to visit it. They'll be prompted to log in and that's it, the credentials will be captured:

  1. Enter setoolkit, then at the main menu, choose option 1 for the social engineering menu.
  2. Enter 2 at the prompt to choose Website Attack Vectors:

  1. Enter 3 for Credential Harvester:

At this point, you've successfully loaded Credential Harvester ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required