Credential Harvester Attack Method- SET Backtrack 5

Social engineering toolkit has played and is playing an important role in the field of information security and ethical hacking, social engineering means to take advantages of human weakness to hack a computer system or a server. Social engineering toolkit is a computer based software that are also available on backtrack 5.

Backtrack is not only a single Linux distribution that contain SET, other distributions like Gnacktrack, backbox also have SET. On social engineering toolkit tutorial we have learnt how to get meterpreter and shell access on a computer, in this tutorial I will explain you some harvester attack method.

 

What is Credential Harvester Attack Method 

The credential harvester attack method is used when you don’t want to specifically get a shell but perform phishing attacks in order to obtain username and passwords from the system. In this attack vector, a website will be cloned, and when the victim enters in the user credentials, the usernames and passwords will be posted back to your machine and then the victim will be redirected back to the legitimate site.

So for this tutorial I will integrate Mass Mailer Attack with credential harvester attack.

Requirement

  • Operating system
  • Social Engineering Toolkit
  • A brain

Any operating system is applicable for this type of attack but I am using backtrack 5 for this attack, it is a good practice to make a video tutorial instead of images and text so here is the video tutorial of social engineering toolkit mass mailer attack with harvester attack method.

SET Video Tutorial



Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

The Complete OSINT Tutorial to Find Personal Information About Anyone

This article mainly focuses on how to discover a person's digital footprint and gather personal data by using open-source intelligence (OSINT). So, in its...

How to find the password of hacked email addresses using OSINT

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy...

How to Identify Company’s Hacked Email Addresses Using Maltego & HaveIbeenPawned

This article is part of the Maltego OSINT tutorial, where you will learn to identify the already hacked account, and it’s password using the...

5 Key Vulnerabilities in Global Payroll

The cyber threat against payroll is growing in sophistication and frequency, according to the latest FBI cybercrime report. Many of these attacks exploit fixable...