Sunday, March 29, 2020

Phishing page

How to create a phishing page

This is for educational purposes only; please don't misuse it.

What is Phishing?

Phishing is one of the most popular techniques used for hacking passwords and stealing sensitive information such as credit card details and banking usernames and passwords.
Phishing, aka a "fishing" attack, is the process of creating a duplicate copy or clone of a reputable website with the intention of stealing a user's password or other sensitive information such as credit card details.
It is easy for anyone with a little technical knowledge to build a phishing page, which is why this method is so popular.
Phishing scams prompt users to enter sensitive details on a fake webpage (a phishing page) whose look and feel are nearly identical to the legitimate web page. In most cases, the only difference is the URL.
The URL can also be spoofed in some cases if the legitimate website is vulnerable. It is difficult for an ordinary user to identify a phishing page because of its trustworthy layout.

How does phishing work?

Attackers target the general public and send them phishing links through email or personal messages, where the victim is prompted to click on a link. The victim is then taken to a phishing page that pretends to be legitimate.
People who don't find the phishing page suspicious are induced to enter their sensitive information, and all of that information is sent to the attacker.

  • Steps of a phishing attack:

Open a terminal window in Kali and make sure you have root access, as ‘setoolkit’ requires it.

Type ‘setoolkit’ in the command line



Phishing attack demo using Kali Linux
You will be warned that this tool is to be used only with company authorisation or for educational purposes only and that the terms of service will be violated if you use it for malicious purposes.
  • Type y to agree to the conditions and use the tool
  • A menu shows up next. Enter 1 as the choice, as this demo demonstrates a social engineering attack.
Under Social Engineering, there are various computer-based attacks, and SET explains each in one line before asking for a choice.
  • Enter 3, which selects the ‘Credential Harvester Attack Method’, as the aim is to obtain user credentials by creating a bogus page with certain form fields.
Now, the attacker has a choice to either craft a malicious web page on their own or to just clone an existing trustworthy site.
  • Enter 2 in order to select ‘Site Cloner’
This might take a moment as SET creates the cloned page.
  • Now you need the IP address of the attacker machine. Open a new terminal window and type ifconfig
  • Copy the IP address stated in ‘inet’ field
  • SET will ask you to provide an IP where the captured credentials will be stored. Paste the address that you copied in the earlier step.
  • Since we chose to clone a website rather than use a personalised one, the URL to be cloned must be provided. In this example, it is www.facebook.com
  • The Social Engineering Toolkit needs the Apache server running, as captured data is written to the root directory of Apache. Enter y when prompted about starting the Apache process.
The setup for a phishing attack is complete: you have cloned Facebook and hosted it on the server. SET informs us of the directory in which the captured data will be stored.
The IP address is usually hidden by passing the URL through a URL shortener service, and the shortened link is then sent in urgent-sounding emails or text messages.
  • Go to the browser and type http://yourIP (e.g. http://192.168.0.108). Note: I am writing this article from Maharashtra, India, hence Facebook is in the native language, Marathi.
If an unsuspecting user fills in their details and clicks on ‘Log In’, the fake page takes them to the actual Facebook login page. Usually, people tend to pass it off as a glitch in FB or an error in their typing.
  • Finally, reap the benefits. Go to /var/www/html and you can see the harvester file created there.
Hope this guide gave you a basic idea of how phishing attacks work.
Phishing is constantly evolving to entrap innocent computer users. The recommended safety tips are to always check the URL of a website in the browser and to use two-factor authentication, as it provides an extra security layer for your account.
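
The "always check the URL" tip can be automated for links arriving by email or message. The following is an added example, not part of the original post: it flags the traits this walkthrough produces (a plain-HTTP link, a raw IP address as the host, a URL shortener, or a host that is not the expected site). The shortener list, the sample message and the function names are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumption: a small constructed list of shortener hosts; extend for real use.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed sample message, not taken from a real campaign.
SAMPLE = (
    "Please verify your account at http://192.168.0.108/ today, "
    "or use https://bit.ly/x1 instead. "
    "The real login page is https://www.facebook.com/login"
)

def link_warnings(url, expected_domain):
    """Return reasons a link claiming to lead to expected_domain is suspicious."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").lower().rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not-https")
    try:
        ipaddress.ip_address(host)
        # A raw IP where a brand's domain is expected, as in http://yourIP.
        return warnings + ["ip-literal-host"]
    except ValueError:
        pass  # host is a name, not an IP literal
    if host in SHORTENERS:
        warnings.append("url-shortener")  # the real destination is hidden
    elif host != expected_domain and not host.endswith("." + expected_domain):
        warnings.append("domain-mismatch")
    return warnings

def scan_message(text, expected_domain):
    """Map every URL found in text to its list of warnings."""
    urls = [u.rstrip(".,;)") for u in URL_RE.findall(text)]
    return {u: link_warnings(u, expected_domain) for u in urls}

if __name__ == "__main__":
    for url, warnings in scan_message(SAMPLE, "facebook.com").items():
        print(url, "->", ", ".join(warnings) or "ok")
```

A link with no warnings is not proven safe; the check only catches the mismatches described above, so two-factor authentication remains the second layer.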
