TABNAPPING This tutorial is about Tabnapping (advanced phishing) using SET (Social Engineering Toolkit) in Backtrack. Anand Garg
TABNAPPING
This tutorial is about Tabnapping (advanced phishing) using SET
(Social Engineering Toolkit) in Backtrack.
Anand Garg
Dedicated to my Parents
Shri.Arun Kumar Garg
Smt. RashmiGarg
&
Inspired by
Steven Henderson
Gorvam Saddar
Vikas Batta
Through this tutorial I will show you how to sniff
passwords using SET(Social Engineering Toolkit) in
Backtrack.
Requirements:
1) PC or Laptop
2) Backtrack OS
3) Internet
4) Active Brain
Step 1)
You have two methods to open set I will show you
both methods. One is without terminal………
And other is by typing commands. First go to its
folder by typing this command “cd
/pentest/exploits/set/”
After it type this command to run or execute set
“./set”
Step 2)
Now it will ask you to agree all terms and services
you have to type “y”
Step 3)
It will start like this………
Step 4)
Now your actual work starts from here. It will show
you list of some methods. We have to select 1st
because we are doing Tabnapping (advanced phishing)
and it comes under social engineering. So simply type
this command “1”
Step 5)
Now it will again show you many methods but we have
to use second so type this “2”
Step 7)
Now it will ask you to select your way to use and you
have to select Site Cloner by typing this command “2”
Step 8)
Now it will ask you for the ipaddres check your ip
address by typing this command in a new terminal
“ifconfig”
And paste it here
Step 10)
Now the final work is to enter the url you want to
clone in the required field as i used facebook.com you
have to paste the complete path
Step 11)
Now it will take some time to clone that site and it
will show you a message and you have to press “enter”
from your keyboard
Step 12)
And now your 90% work is done now you have to make
someone to browse your ip address better is open
the Google link shortner and fill your ip it will make a
small url and send that url to your friend he/she will
see this
Step 13)
Last and final when he/she will insert username and
password and press enter then you will get the
username and password