Continuing my
last post about password attack.. Have you tried my previously discussed tricks???
Whatever, I will discuss about other password recovery method.
Rather then direct attacking you also try these two method.
1) Phishing:- This method used to create a fake login page of a popular website such as
Gmail, Yahoo, Facebook & Orkut etc .So when ever any user enter username & password it
send to tour per-defined e-mail id.Using it you can easily hack gmail or facebook password.
Though I always ask you to keep the word "Ethical" in mind. So be a good chap. Try it for fun and educational purpose. Design a absolute duplicate copy of those page are really tough.
But don't worry with the right tool this is piece of cake. The best one I used a lot during my training demonstration is SET(Social Engineering Toolkit). Trust me, with a little look out you can do the phishing attack
in some simple step.
You need
1.An internet connection
2. SET (Inbuilt-ed in many Penetration testing distribution such as Backtrack)
3. A little creativity to trap your target (There are lot of method you can use as per your scenario)
4. Having familiar with Backtrack live CD & Metasploit Framework can be a great advantage
Currently I am giving you a great link to know how to use it.
Step by Step Guide to SET
Beside the phishing SET has lot of feature:-
a) Hack a remote computer
b) Create a exploited USB media, when run on victim PC that will be automatically accessible
c) Running an exploited web server to hack a PC
Let me know if any further guide is needed.
Whatever, I will discuss about other password recovery method.
Rather then direct attacking you also try these two method.
1) Phishing:- This method used to create a fake login page of a popular website such as
Gmail, Yahoo, Facebook & Orkut etc .So when ever any user enter username & password it
send to tour per-defined e-mail id.Using it you can easily hack gmail or facebook password.
Though I always ask you to keep the word "Ethical" in mind. So be a good chap. Try it for fun and educational purpose. Design a absolute duplicate copy of those page are really tough.
But don't worry with the right tool this is piece of cake. The best one I used a lot during my training demonstration is SET(Social Engineering Toolkit). Trust me, with a little look out you can do the phishing attack
in some simple step.
You need
1.An internet connection
2. SET (Inbuilt-ed in many Penetration testing distribution such as Backtrack)
3. A little creativity to trap your target (There are lot of method you can use as per your scenario)
4. Having familiar with Backtrack live CD & Metasploit Framework can be a great advantage
Currently I am giving you a great link to know how to use it.
Step by Step Guide to SET
Beside the phishing SET has lot of feature:-
a) Hack a remote computer
b) Create a exploited USB media, when run on victim PC that will be automatically accessible
c) Running an exploited web server to hack a PC
Let me know if any further guide is needed.
No comments:
Post a Comment