zvilsec

Phishing is one of the most popular h4cking techniques among h4cker, both h4cker pro and newbie. This technique also has various ways of execution. In this article, I will try to explain one by one about how to launch this type of h4cking attack.

In some cases that occur so far, the fake site can indeed be said to be almost like the original site. However, due to the large number of internet users who are unfamiliar with this issue, it is certain that many internet users have become victims.

The word "phishing" in English comes from the word "fishing", which if interpreted into phising, in this case the intention is that the attackers target their victims with phishing techniques that utilize the presence of sites or other large media where the appearance of the media had previously been in modification and given a special code, so that when the victim enters the site and performs activities such as writing messages, e-mails, or even passwords, the data will automatically be stored in the perpetrator's output or database.

This first technique can be said as a technique that is often used by h4cker with middle to upper level and this technique is usually played on a Linux-based operating system, to be able to do it please follow the steps below:

• In this technique, you are required to have an additional external wifi adapter. Why should it be like this ? For example I suppose you will install your phishing page in a public place like Starbucks or other elite places, then by using this tool, your laptop's internal network controller will be connected to Starbucks Wi-Fi and your external Wi-Fi adapter will turn into an access point naughty one.

• In this case I am using the WN722N wifi adapter auxiliary media.

• Plug the wifi adapter into your laptop's USB port

• After everything is prepared, please open your linux terminal and type the command

desktop cd

•  Then type the command below

git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git

•  Next, please enter the source code, by typing the command below

 cd WiFi-Pumpkin

• Perform the installation as in the command below

./installer.sh –install

• This installation time will last around 10 to 15 minutes, if the installation is successful, then you will see a screen like the one below.

• Next is to create a fake login page, now almost all browsers have installed a sophisticated script that can indeed reject fake pages and can harm its users. To deal with this problem I have created a fake login code that you can download and if you can't download the first link, you can try downloading this code.

• Then you extract / unzip the file in the / var / www / html directory.

• Next, please create a database by typing the command below

mysql -u root

• The next step, type the command below, this page is intended to create an initial database, replace the computer name with the name you want.

create a computer database

• Then continue by typing the command

use computer

• Next, please type

create table logins (varchar network (64), varchar email (64), varchar password (64));

• Next, please enter the directory where you unzip the var / www / html file, and please open the database.php file, and fill in the details with the brackets. More or less like the code below

$ username = "[USERNAME]";
$ password = "[PASSWORD";
$ db_name = "[DATABASE_NAME]";
$ tbl_name = "[TABLE NAME]";

• Please change the code above as below

$ username = "root";
$ password = "toor";
$ db_name = "computer";
$ tbl_name = "logins";

• Next, please return to the root terminal, and restart your mysql by typing the command below

sudo /etc/init.d/mysql restart

• Next please open the wifi pumpkin in a way

python wifi-pumpkin.py

• And then you will see a display like the picture below 

• Next, please click on the button or settings menu, and make the settings as below

1.     Set your gateway to 192.168.1.1
2.     set your SSID for something trustworthy like "Definitely starbuck WiFi and not a Rogue AP"
3.     For security (wifi password) if you want to use it, try your password the same as the wifi  password used in that place
4.    Set your wifi adapter to be wlan0 or wlan1.
5.    Under the Plugins menu, uncheck the "Enable Proxy Server" box
6.    Now open the Modules section (in the menu) and select Phishing Manager. The IP address can  be anything we like, say 10.0.0.1 (the port must be 80). WiFi-Pumpkin allows you to connect your phishing page in various ways.
7.    Here I have prepared a fake page setup, so just activate Set Directory under Options and set SetEnv PATH to where you unzip the file: / var / www / html.
8.     The next step, please press the Start Server button.
9.      Now under Modules → DNS Spoofer enable Redirect traffic from all domains. and please click Start Attack.

•  Under the View menu item, select Monitor NetCreds. Click Capture Logs.

• And we are done! Now when your victims are connected to your naughty access point, they will be directed to the phishing page. All credentials entered on the phishing page will appear on your system in plain text.

• If you really understand this more, please you can replace the code that I have with the code that you have, like a fake Facebook login page, Twitter, or others