An toàn thông tin: Hướng Dẫn Thực Hành : Social Engineering Toolkit (SET): Lesson 1

Bài hướng dẫn hack Facebook thông qua cơ chế giả mạo website đăng nhập với bộ công cụ SET trên Back Track.

What is the Social-Engineering Toolkit (SET)
- The Social-Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing.
- It's main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
- Social-Engineering toolkit available on backtrack like on Kali Linux (backtrack 6), backtrack 5, backbox, blackbuntu, Gnacktrack and other Linux distribution that are used for penetration testing.
Bài hướng dẫn chỉ dùng cho mục đích học tập, nghiên cứu hay Penetration Test. Không áp dụng để thực hiện các hành vi vi phạm pháp luật về an toàn thông tin hay tiến hành trên các hệ thống mạng và mục tiêu mà các bạn không có thẩm quyền.

Section 1. Configure BackTrack Virtual Machine Settings

Open Your VMware Player
- Instructions:
  1. On Your Host Computer, Go To
  2. Start --> All Program --> VMWare --> VMWare Player
Edit BackTrack Virtual Machine Settings
- Instructions:
  1. Highlight BackTrack5R1
  2. Click Edit virtual machine settings
Edit Network Adapter

Instructions:
1. Highlight Network Adapter
2. Select Bridged
3. Do not Click on the OK Button.

Section 2. Login to BackTrack

Start BackTrack VM Instance
- Instructions:
  1. Start Up VMWare Player
  2. Select BackTrack5R1
  3. Play virtual machine
Login to BackTrack
- Instructions:
  1. Login: root
  2. Password: toor or <whatever you changed it to>.
Bring up the GNOME
- Instructions:
  1. Type startx

Section 3. Open Console Terminal and Retrieve IP Address

Section 4. Start the Social Engineering ToolKit

Start Social Engineering ToolKit
- Instructions:
  1. cd /pentest/exploits/set
  2. ./set
Website Attack Vector
- Instructions:
  1. Select 2
Select Credential Harvester Method
- Instructions:
  1. Select 3
Select Site Cloner
- Instructions:
  1. Select 2
Enter URL to Clone
- Instructions:
  1. http://www.facebook.com
Website Cloning
- Instructions:
  1. Press the <Enter> key
  2. *** Read the Below Notes ***
  3. Then Continue to the next Section.
- Note(FYI):
  - Now you have created a cloned facebook login webpage that is listening on port 80.
  - For non-educated Internet users, may be you could send them an email saying check out the new facebook website.
  - In my case, the website address would be http://192.168.1.105
  - In your case, replace 192.168.1.105 with the IP address you obtained in Section 3, Step 2.
  - Once the victim clicks on your cloned website their login and password credentials will be displayed below.

Section 5. Start Up Windows Machine

Social Engineering Note
- The Victim does not have to use the below VMware Instance.
- It can be any type of web browser (i.e., Internet Explorer, Firefox, Chrome, etc) for any type of Operating System (Windows, Linux, MacOS, etc).
- Image an attacker sending an email to the victim that reads, "Hey Check out the new beta version of facebook", or whatever website that was cloned.

Start Up Damn Vulnerable WXP-SP2.
- Instructions: (copy máy ảo này từ source do giáo viên cung cấp)
  1. Click on Damn Vulnerable WXP-SP2
  2. Click on Edit virtual machine Settings
- Note(FYI):
  - For those of you not part of my class, this is a Windows XP machine running SP2.
Edit Virtual Machine Settings
- Instructions:
  1. Click on Network Adapter
  2. Click on the Bridged Radio button
  3. Click on the OK Button
Play Virtual Machine
- Instructions:
  1. Click on Damn Vulnerable WXP-SP2
  2. Click on Play virtual machine
Logging into Damn Vulnerable WXP-SP2.
- Instructions:
  1. Username: administrator
  2. Password: Use the Class Password or whatever you set it.
Open a Command Prompt
- Instructions:
  1. Start --> All Programs --> Accessories --> Command Prompt
Obtain Damn Vulnerable WXP-SP2's IP Address
- Instructions:
  1. ipconfig
- Note(FYI):
  - In my case, Damn Vulnerable WXP-SP2's IP Address 192.168.1.116.
  - This is the IP Address of the Victim Machine that will be attacked by Metasploit.
  - Record your Damn Vulnerable WXP-SP2's IP Address.

Section 6. Start Up a Web Browser

Start Up Internet Explorer
- Instructions:
  1. Start --> All Programs --> Internet Explorer
Victim Clicks on Link
- Note(FYI):
  - Replace 192.168.1.105 with BackTrack's IP Address obtain from (Section 3, Step 2).
- Instructions:
  1. Place the BackTrack IP in the Address Bar.
    - In my case, http://192.168.1.105
  2. Provide a test UserID.
  3. Provide a test Password.
  4. Click Login.
Analyzing Results After Login
- Instructions:
  1. Notice that the Address URL changed to Facebook.
    - This is to give the victim a sense of perhaps a failed login attempt instead of invoking suspicion and alarm.
  2. Notice the Email textbox is populated with the Login you previous supplied to Cloned Webpage.
  3. Continue to the next section to see the victim's username and password.

Section 7. View Victim's Username and Password

Viewing Victim's Username and Password
- Instructions:
  1. Make sure you switch over to BackTrack
  2. Notice that now you have data showing the victim's username and password.
    - Let's say you sent this cloned link to many victim's and left SET run for a while, you will see a lot of username and password combinations.
  3. To Exit, press the <Ctrl> and "c" key at the same time.
Copy Report Link
- Instructions:
  1. Highlight the XML link
  2. Right Click
  3. Click on Copy
  4. Press Enter
Exit Web Attack Menu
- Instructions:
  1. Type 99
  2. Press <Enter>
Exit Web Attack Menu
- Instructions:
  1. Type 99
  2. Press <Enter>
Exit Web Attack Menu
- Instructions:
  1. cat "reports/2012-03-18 13:02:08.167118.xml"
    - Note: In your case, this is the report created in Step 2 or this Section.
  2. Notice the Victim's Login Credentials

Section 7. Proof of Lab

An toàn thông tin