Ethical Hacking and Penetration Testing Guide



Date: 07.08.2023

Further Research
PDF exploitation is an extensive topic and every aspect cannot be covered in this book. However, 
the following links will help further your understanding of PDF vulnerabilities and exploitation 
techniques.
Further Resources
http://blog.didierstevens.com/
http://www.sudosecure.net/
Attack Scenario 2: E-Mails Leading to Malicious Links
In this scenario, we will send the victim a malicious link, and when the victim clicks on it, we will 
be able to perform various attacks. Here are some examples:
1. We can set up a fake log-in page of any particular website, for example, facebook.com, and 
ask the victim to log in to the fake log-in page actually located at 
facebookfakepage.freehost.com.
2. If we are on the same network as the victim, we can launch a DNS spoofing attack, where 
we can replace the IP of facebook.com with that of our fake log-in page, and as soon as the 
victim visits facebook.com, he would log in to our fake page instead.
3. We can also perform DNS spoofing, where instead of the fake log-in page we can redirect 
the victim to our malicious webserver that would use relevant browser exploits to 
compromise the victim’s browser.


All of this can be done easily with various modules in the Social-Engineer Toolkit (SET). For the 
last scenario, we will learn to attack over the Internet (WAN) instead of the LAN. But for now, 
let’s talk about another scenario where we will use SET to set up a fake log-in page.
Credential Harvester Attack
The credential harvester is a very popular attack; it can be used to perform a phishing attack. In a 
phishing attack, an attacker sets up a replica of a website, say, gmail.com; whenever the victim logs 
in to it, the credentials are saved. This can be done with the “Credential Harvester Attack” in 
SET. Let’s see how to do it.
Step 1—From the website attack vectors, select “Credential Harvester Attack.” Now you will 
have three options: you can use predefined templates in SET, clone a site of your choice, or 
import your own template, in case option 2 does not work for you. For the sake of simplicity, 
I will choose the first option.
Step 2—It will now ask you for the “IP address” to which you want the credentials posted, which 
in this case would be my local IP, since I am attacking my LAN.
Step 3—It will now show you the list of built-in templates. In this case, I want to use gmail.com.
As you can see from the screenshot, the credential harvester is up and running on the IP we 
entered. We can perform a DNS spoofing attack by replacing gmail.com’s IP with ours, where 
the credential harvester is running. We already learned about DNS spoofing in the “Network 
Sniffing” chapter (Chapter 6).


As soon as the victim navigates to our IP address, where we have set up our credential harvester, 
his credentials would be recorded and displayed to us.
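
Seen from the defending side, the pages in this scenario leave checkable traces: a brand name on an unrelated host (facebookfakepage.freehost.com), a log-in page reached by IP address, and, assuming the harvester serves plain HTTP, a password form without TLS. The sketch below is an added example, not code from the book or from SET; the BRANDS allow-list, the SAMPLE markup and the function names are assumptions made for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumption: brand keyword -> domains that really host its log-in page.
BRANDS = {"facebook": {"facebook.com"}, "gmail": {"gmail.com", "google.com"}}
# Constructed sample: markup of a cloned log-in form (not taken from SET).
SAMPLE = '<form action="post.php"><input name="email"><input type="password" name="p"></form>'

class PasswordForms(HTMLParser):
    """Collect the action URL of every <form> holding a password input."""
    def __init__(self):
        super().__init__()
        self.current, self.actions = None, []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.current = a.get("action") or ""
        elif (tag == "input" and self.current is not None
              and (a.get("type") or "").lower() == "password"):
            self.actions.append(self.current)
    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None

def is_ip(host):
    try:
        return ipaddress.ip_address(host) is not None
    except ValueError:
        return False

def phishing_indicators(page_url, html):
    """Return sorted reasons why a log-in page looks like a harvester."""
    parser = PasswordForms()
    parser.feed(html)
    reasons = set()
    for action in parser.actions:
        # Check both where the page lives and where the form posts to.
        for url in (page_url, urljoin(page_url, action)):
            parts = urlsplit(url)
            host = (parts.hostname or "").lower()
            if is_ip(host):
                reasons.add("bare-ip-host")
            if parts.scheme != "https":
                reasons.add("no-tls")
            for brand, legit in BRANDS.items():
                on_legit = any(host == d or host.endswith("." + d) for d in legit)
                if brand in host and not on_legit:
                    reasons.add("brand-lookalike:" + brand)
    return sorted(reasons)
```

When DNS spoofing puts the real name in the address bar, the hostname checks on the page URL pass, and the remaining signals are the missing TLS and a form action that points at a bare IP.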
