You all might be wondering what does credential harvester attack means. It has a very simple definition. Credentials are the sensitive data that we would use to log on to systems. Credentials authenticate us in a system and would pass the authorization so you could access it without violating integrity. Which are the most essential properties in computer security. So simply what this attack perform is that it would steal someone's credentials and would enable them to get impersonated. So in simple words this is phishing.
Back Track is an operating system which supports such capabilities. It is white hack(Good guys) OS which can be used as a framework so you don't need to perform your tasks from the scratch, backtrack would care lots of work of yours and so it is a very essential tool which is used in the computer security community.
Following video shows a demonstration of the attack. I am running Backtrack Operating system in my virtual box VM. And in Backtrack you could find set of social engineering attack methodologies which would perform useful tasks. The tool is running a local Web Server which can host a social networking page for your liking. I am using facebook here and and this particular attack works remotely as well. So if you give your public IP address to a victim once he redirects to your web server he would find the facebook page we've hosted. And when he enters his credentials to the fake page all of them are harvested.
That's all for today. Watch the video for more information. Happy hacking!!! :)
nice initiative! keep up the good work (Y) :)
ReplyDeleteInformative!
ReplyDelete