- A webserver (example below)
- A webpage with a password form
You could launch this attack via cross-site scripting; here, however, we will use a page based on howsecureismypassword.net to lure a person into checking how strong their password is.
In the screenshot above we can see a couple of social engineering tricks at work. Key items to note are “help users”, “never sent” and the list of helpful tips. These items build the victim's trust. Next, the user will most likely test the password field to see how the website responds, and we have a fully functional password-checking system.
The site responds with approximately how long it would take to crack this password on a standard desktop PC without GPU cracking. But we don’t need to wait 5 million years or even 5 seconds. As you can see below, each keystroke was captured by the keylogger.
How did we do it?
Simple: we used a seven-line Python web server:

```python
import http.server  # Python 3 name for SimpleHTTPServer
import socketserver  # Python 3 name for SocketServer

handler = http.server.SimpleHTTPRequestHandler  # serves files from the current directory
httpd = socketserver.TCPServer(('0.0.0.0', 80), handler)  # all interfaces, port 80
print("Server Started.")
httpd.serve_forever()
```
Finally, we start the Metasploit auxiliary module. The options in the module depend on your environment setup.
That’s it! It’s your job to get the victim to the site.
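For defenders, the per-keystroke capture described above can leave a recognizable pattern in web proxy logs. The following is an added example, not code from the original post: it assumes the keylogger sends one small HTTP request per keystroke (the post does not state the transport), and the log format, host names and thresholds are constructed for illustration.

```python
from collections import defaultdict


def build_sample():
    """Constructed sample proxy log (not captured traffic).
    Fields: epoch_seconds client host path response_bytes"""
    lines = ["1700000000.00 10.0.0.5 lure.example /index.html 18432",
             "1700000000.20 10.0.0.5 lure.example /app.js 9216"]
    # 12 tiny requests 0.25 s apart: the assumed one-request-per-keystroke pattern
    lines += [f"{1700000005 + i * 0.25:.2f} 10.0.0.5 collector.example /b?n={i} 43"
              for i in range(12)]
    # Benign poller: also tiny requests, but 5 s apart
    lines += [f"{1700000000 + i * 5:.2f} 10.0.0.9 status.example /ping 20"
              for i in range(12)]
    return "\n".join(lines)


def parse(log):
    """Yield (ts, client, host, size); silently skip malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, client, host, _path, size = parts
        yield float(ts), client, host, int(size)


def keystroke_bursts(log, min_run=8, max_gap=1.5, max_size=256):
    """Return {(client, host): longest_run} where a client sent at least
    min_run small responses' worth of requests to one host, each no more
    than max_gap seconds after the previous one (typing cadence)."""
    by_pair = defaultdict(list)
    for ts, client, host, size in parse(log):
        if size <= max_size:  # ignore normal page assets
            by_pair[(client, host)].append(ts)
    flagged = {}
    for pair, times in by_pair.items():
        times.sort()
        run = best = 1
        for prev, cur in zip(times, times[1:]):
            run = run + 1 if cur - prev <= max_gap else 1
            best = max(best, run)
        if best >= min_run:
            flagged[pair] = best
    return flagged


if __name__ == "__main__":
    for (client, host), n in keystroke_bursts(build_sample()).items():
        print(f"{client} -> {host}: {n} small requests at typing cadence")
```

Thresholds need tuning against real traffic; chat and autocomplete endpoints produce similar bursts and belong on an allow list.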
This is intended for informational and/or educational purposes only; I am not responsible for your actions.