Phishing attack over a LAN

Phishing Over A Local Area Network

(Disclaimer: This tutorial is for educational purposes ONLY and is not intended to be put into practise unless you have authorised access to the system you are trying to break into. The authors of Zettaflops DO NOT claim any responsibility for the actions of their viewers. )

In this tutorial, you will learn how to perform a phishing attack on a local area network (LAN). For those of you who are unfamiliar with what a phishing attack is, here's a brief explanation. Phishing is a method that is utilized to capture usernames and passwords through the use of a fake or cloned login page.

NOTE: When phishing on a local area network (LAN), you must be connected to the same network as your victim. Although this isn't very practical for real-world applications, it is a good place to begin for practice. If you want to target victims outside of your local area network, refer to "Phishing On A Wide Area Network." 

Prerequisites
BackTrack 5
An internet connection
Before we begin, let's take a quick look at our agenda.
Configure the phishing attack
Clone Facebook's login page
Create a link to our phishing page
Lure a victim
Now that you've met the prerequisites and you understand the agenda, let's get started. First, make sure you are connected to the same network as your victim.

1. Boot BackTrack 5 and login

2. Open a terminal

3. Type "cd /pentest/exploits/set"

4. Type "./set"

5. Select option 1- Social Engineering Attacks

6. Select option 2- Website Attack Vectors

7. Select option 3- Credential Harvester Attack Method

8. Select option 2- Site Cloner

9. When prompted to enter the IP address of the POST back machine, enter your computer's local IP address
If you don't know your IP address, you can find it in the bottom status bar of your Wicd network manager
Example: "192.168.0.5"
10. When prompted, enter the URL of the website that you want to clone. For this tutorial, we are going to use "https://www.facebook.com"

Now your phishing attack is active and running. If you want to test your phishing page, you can open a web browser and enter your local IP address in the URL bar. This is the same page that your victim(s) will see; however, you don't want to send your victim(s) your IP address as a link because it would be suspicious. So, to disguise our IP address, we are going to use Google's URL shortener service.

11. Open your web browser and navigate to "http://goo.gl"

12. Enter your computer's local IP address and click "Shorten URL"
Example: "http:192.168.0.5"
13. Make note of your shortened URL

Now it's time to lure a victim to our phishing page.

14. Send the shortened URL to your victim

When your victim clicks the link, he or she will be taken to your phishing page. Then, when your victim attempts to login, his or her username and password will be returned to you.

Recommended Lure Methods
Email
SMS Text Message
Facebook Comment
Instant Message
Tweet
Email Lure Tips
Hyperlink your shortened URL to an image or another piece of text
Include enticing text and images
Check for spelling and punctuation errors
Change your email display name
Change your reply-to email address