Saturday, 16 March 2013

Web Jacking Attack

Web Jacking Attack Method

 

The Web Jacking Attack Vector is another phishing technique that can be used in social engineering engagements. Attackers using this method create a fake website, and when the victim opens the link, a page appears with a message that the website has moved and that they need to click another link. If the victim clicks the link, which looks real, he will be redirected to a fake page.


The Social-Engineer Toolkit (SET) already includes this kind of attack, so we are going to use SET to implement this method. We open SET and select option 2, which is Website Attack Vectors.

We will see a list of the available web attack methods. The attack that we are going to use is of course the Web Jacking Attack, so we select option number 6.

In the next menu we have 3 options:

  •     Web Templates

  •     Site Cloner

  •     Custom Import




We will select the Site Cloner in order to clone the website of our interest. Remember that this type of attack works with the credential harvester method, so we need to choose a website that has username and password fields in order for the attack to succeed. For this scenario, as you can see in the image below, we have selected to clone Facebook because of its popularity.


Now it is time to send the link with our IP address to the victim. Let's see what the victim will see if he opens the link.


As you can see, a message will appear informing the user that the website has moved to a new location. The link in the message seems valid, so any unsuspecting user will click on it. At that point a new page will load in the victim's browser; it is fake and is running on our web server.


If the victim enters his credentials into the fake Facebook page, which looks like the real one, then we will be able to capture his username and password. The next image shows that.
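
From the defender's side, the flow described above leaves a recognizable trace in web proxy logs: a client fetches a page from a bare IP address and then submits a form to that same address. The following is an added example, not part of the original post; the log format ("time client method url") and every address in it are constructed.

```shell
#!/bin/sh
# Constructed proxy log sample: time, client, method, URL.
SAMPLE_LOG='2013-03-16T10:00:01 10.0.0.21 GET http://www.facebook.com/
2013-03-16T10:00:09 10.0.0.21 POST http://www.facebook.com/login.php
2013-03-16T10:02:11 10.0.0.34 GET http://192.0.2.10/
2013-03-16T10:02:40 10.0.0.34 POST http://192.0.2.10/
2013-03-16T10:05:02 10.0.0.50 GET http://192.0.2.77/status
2013-03-16T10:06:30 10.0.0.21 GET http://198.51.100.5/index2.html'

# Reads log lines on stdin. Prints "client host" once for every client that
# POSTed to an IPv4-literal host it had previously fetched a page from.
find_ip_host_posts() {
    awk '
    {
        client = $2; method = $3; host = $4
        sub(/^[a-z]+:\/\//, "", host)   # strip the scheme
        sub(/\/.*$/, "", host)          # strip the path
        sub(/[?#].*$/, "", host)        # strip query or fragment
        sub(/^.*@/, "", host)           # strip userinfo
        sub(/:[0-9]+$/, "", host)       # strip the port
        # Only hosts written as a dotted IPv4 address are of interest.
        if (host !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
        key = client " " host
        if (method == "GET") {
            seen[key] = 1
        } else if (method == "POST" && seen[key] && !done[key]) {
            done[key] = 1
            print key
        }
    }'
}

# Run against the constructed sample when executed directly.
printf '%s\n' "$SAMPLE_LOG" | find_ip_host_posts
```

Hits from this check are leads for review, since internal tools are also often reached by IP address.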




How to Use Tor in Backtrack 5 R3 Whole System Using Proxychains

Proxychains is open source software for GNU/Linux systems.

proxychains - a tool that forces any TCP connection made by any given application
to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy.



How to install Tor and Polipo in Backtrack 5 R3






How To install Tor in Backtrack 5 R3

Tor is an open source anonymous Internet tool. It protects your personal identity from tracking systems by changing the source IP address frequently. The application creates many virtual tunnels through the Tor network. By default Tor is not integrated in BackTrack 5. Why use Tor on BackTrack? Normally Tor is used to protect browsing security, but it can also be used with network scanning tools and other information gathering tools, or by students for educational purposes. In this article I will show you how to install Tor properly on BackTrack. Don't hesitate to ask if you are unable to follow this post: put your question to me and I will answer quickly.




So Let Us Start
I do not recommend just using Tor for your proxy. It's wise to layer your anonymity (including your router, if you're working off a desktop).

start. Open the Terminal.
step 1. #cd /etc/apt
#ls

step 2. #vi sources.list
step 3. Press 'i' on your keyboard.
step 4. Add this line at the bottom:  deb http://deb.torproject.org/torproject.org lucid main
step 5. Press ESC, type a colon, type wq and hit enter.
step 6. Run this command: gpg --keyserver keys.gnupg.net --recv 886DDD89
step 7. Run this command: gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
step 8. apt-get update
step 9. apt-get install tor tor-geoipdb
step 10. Download Tor Browser Bundle for Ubuntu (To your desktop). https://www.torproject.org/projects/torbrowser.html.en

step 11. cd Desktop
step 12. Download the architecture-appropriate file above, save it somewhere, then run one of the following two commands to extract the package archive:

tar -xvzf tor-browser-gnu-linux-i686-2.2.37-2-dev-en-US.tar.gz
or
tor-browser-gnu-linux-i686-2.2.37-2-dev-en-US.tar.gz

step 13. chown -R root:root ./tor-browser_en-US
step 14. Open the folder 'tor-browser_en-US'.
step 15. Open the file 'start-tor-browser' in gedit.
step 16. Find the lines:
if [ "`id -u`" -eq 0 ]; then
complain "The Tor Browser Bundle should not be run as root.  Exiting."
exit 1
fi

step 17. Change to:

if [ "`id -u`" -eq 1 ]; then
complain "The Tor Browser Bundle should not be run as root.  Exiting."
exit 1
fi

Now install polipo:


step 18. apt-get install polipo
step 19. cd /etc/polipo
step 20. mv config conf-backup.txt
step 21. Download and copy polipo config
step 22. vi config
step 23. Press 'i' on your keyboard.
step 24. Paste the text you just copied.
step 25. Press ESC, type a colon, type wq and hit enter.
step 26. service polipo start
step 27. service tor start
step 28. Start tor browser bundle (From the file on your desktop).
To run the Tor Browser Bundle, execute the start-tor-browser script:
# ./start-tor-browser

Remember, polipo runs on port 8118 and Tor runs on 9050.

Be sure to stop both when you need to update anything, with these commands:

1. service tor stop
2. service polipo stop
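
Step 6 fetches the signing key by its 8-digit short ID, which does not uniquely identify a key; the full fingerprint used in step 7 is what actually pins it. The following added example (not from the original post) checks a `gpg --with-colons --fingerprint` listing for keys that end in the short ID but carry a different fingerprint. The two sample listings and the second key in them are constructed.

```shell
#!/bin/sh
# Full fingerprint as given in step 7 of the procedure above.
EXPECTED_FPR=A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89

# Constructed colon-format listings: the expected key alone, and the same
# key next to a made-up key whose fingerprint ends in the same 8 digits.
SAMPLE_GOOD='pub:-:2048:1:EE8CBC9E886DDD89:2009-09-04:::-:Constructed UID A::scESC:
fpr:::::::::A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89:'
SAMPLE_COLLISION="$SAMPLE_GOOD
pub:-:1024:1:89ABCDEF886DDD89:2013-01-01:::-:Constructed UID B::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF886DDD89:"

# Reads a colon-format key listing on stdin. Succeeds only if at least one
# primary key ends in the short ID of $1 and every such key has exactly
# the fingerprint $1. Subkey fingerprints are ignored.
verify_short_id() {
    expected=$1
    short=$(printf '%s' "$expected" | tail -c 8)
    awk -F: -v want="$expected" -v short="$short" '
        $1 == "pub" { primary = 1; next }
        $1 == "fpr" && primary {
            primary = 0
            fpr = toupper($10)          # field 10 holds the fingerprint
            if (substr(fpr, length(fpr) - 7) != short) next
            if (fpr == want) ok++
            else { bad++; print "unexpected key: " fpr }
        }
        END { exit !(ok >= 1 && bad == 0) }'
}

# Real use, between steps 6 and 7 (requires gpg and the fetched key):
#   gpg --with-colons --fingerprint 886DDD89 | verify_short_id "$EXPECTED_FPR"
if printf '%s\n' "$SAMPLE_COLLISION" | verify_short_id "$EXPECTED_FPR"; then
    echo "keyring OK"
else
    echo "do not run apt-key add: short ID matches an unexpected key"
fi
```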



PyInjector Shellcode Injection


A while back, Bernardo Damele showed a cool method for utilizing an executable to deliver alphanumeric shellcode straight into memory. This was an awesome attack vector and allowed AV and other security mechanisms such as HIPS to be circumvented extremely easily. You can download shellcodeexec here. Since then, Matthew Graeber came out with a technique for injecting shellcode straight into memory through PowerShell. This technique eventually made it into the Social-Engineer Toolkit (SET) as a method for the Java Applet that never touches disk. You can read the blog post here.