pentest, Web Attacks, webdev

Credential harvesting is one of the most common methods used in social engineering attacks when phishing. A sample can be viewed here. Some things about the cloner in social engineering toolkit:

  • It doesn’t download assets i.e. images, css, javascript files
  • The page cloned needs to be always reachable

I will be testing this on chrome as its the paranoid one.

Chrome Used

What I noticed from this is that after setting up my default phishing page from SET it loaded as below on chrome:

Chrome doesn’t load styling if its less secure

So looking under the hood; the source looks fine linking to the files as required testing the hyperlinks loads the files so that isn’t the issue.

Script cloned by SET

As is seen the page is fine but it would be very phishy if the victim comes and finds int in that shape. Chrome is used highly so this cannot be assumed; it loads fine on firefox though. So to fix this issue and increase chances of a successful attack. First things first download all assets into a folder just open the hyperlinks.

Download assets to a folder

Replace they hyperlinks with the folder name as below then upload all to your server.

Replace hyperlinks to create local instance

Replace hyperlinks to create local instance

Test the page once again on chrome.

Gone Phishing

Hope this helps ; may the force be with you.

Leave a Reply

Your email address will not be published. Required fields are marked *

April 2024