For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Desktop phishing
08-09-2012, 06:05 PM, (This post was last modified: 08-09-2012, 06:27 PM by Ravi Kiran.)
Post: #1
Desktop phishing
Hello !ND!4N H4CK3RS.....!!!

This is the tutorial on Desktop Phishing...

Let's Start...

Desktop Phishing is a new technique of phishing (Advanced).

Phishing Vs Desktop Phishing :-

In Phishing:

1. Attacker convinces the victim to click on the link of fake login page which resembles a genuine login page.
2. Victim enters his credentials in fake login page that goes to attacker.
3. Victim is then redirected to an error page or genuine website, depending on attacker.

But the main drawback in phishing is that victim can easily differentiate between fake and real login page by
looking at the domain name.
We can overcome this in desktop phishing by spoofing domain name.

In Desktop Phishing:

1. Attacker sends an executable file to victim and victim is supposed to double click on it. Attacker's job is done.
2. Victim types the domain name of original/genuine website and is taken to our fake login page.

But the domain name remains the same as typed by victim
and victim doesn't come to know.
3. Rest of the things are same as in normal phishing.

Now let's start...
We need to configure hosts file first which is located in C:\Windows\System32\drivers\etc\
Whenever we visit any website, say www.anything.com , an query is sent to Domain Name Server(DNS) to look up for the IP address associated with that website/domain. But before doing this the hosts file on our local computer is checked for the IP address associated to the domain name.

Suppose we make an entry in hosts file as shown. When we visit www.anywebsite.com , we would be taken to this 115.125.124.50. No query for resolving IP address associated with www.anywebsite.com would be sent to DNS.


[Image: host.jpg]

Hope you got an idea that how modification of this hosts file on victim's computer can be misused.
We need to modify victim's hosts file by adding the genuine domain name and IP address of our fake website /phishing page.Whenever victim would visit the genuine website , he would be directed to our fake login page and domain name in the URL box would remain genuine as typed by victim. Hence domain name is spoofed.


[Image: host1.jpg]

Steps to perform attack:

1. Host phishing page on your computer.
Since the webshosting sites like 110mb.com,ripway.com etc where we usually upload our phishing page do not provide a IP that points to your website like www.anything.110mb.com. An IP address points to a webserver and not a website. So we need to host the phishing page on our computer using a webserver software like wamp or xampp.

Download the wamp or xampp.


Copy your phishing page and paste it in the WWW directory in wamp, the default path is "C:\Wamp\WWW"

Run Wamp server on your pc.

Right click the wamp icon in the system tray and select Start all services, Visit your public IP address and you must see your phishing page.

2. Modify Hosts file.
If you dont have physical access to victim's computer. Then copy your hosts file and paste anywhere.
Edit it with any text editor and associate your public IP address with domain you wish as show.

Like in this case , when victim would visit gmail.com , he would be take to website hosted on IP 'xxx.xxx.xxx.xxx'.
Replace it with your public IP.

3. Compress hosts file such that when victim opens it, it automatically gets copied to default
location C:\Windows\system32\drivers\etc and victim's hosts file get replaced by our modified hosts file.



[Image: 1.jpg]


[Image: 3.jpg]


[Image: 4.jpg]


[Image: 5.jpg]


[Image: 2.jpg]


[Image: 6.jpg]
Then you can bind this file with any exe using a binder or directly give it to victim. He/she is supposed to click it
and you are done.
Quote
For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp


Possibly Related Threads...
Thread Author Replies Views Last Post
[Tutorial] How to Make Phishing Page (No port forwarding) john123 3 4,038 02-17-2019, 12:02 PM
Last Post: B0ss
[Phishing] A Little Gift For Community john123 0 1,789 02-09-2019, 08:47 AM
Last Post: john123
[Selling] Dream Market Phishing Template blckwebdev 0 1,463 06-28-2018, 01:41 PM
Last Post: blckwebdev
STEAM PHISHING SITE ashh81 0 2,352 08-10-2017, 10:47 PM
Last Post: ashh81

Forum Jump:


Users browsing this thread: 1 Guest(s)
For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp


All rights reserved © 2012-2015 OffensiveCommunity, Designed at WallBB Co Uk
Powered By MyBB, © 2002-2020 MyBB Group.