Hello friends. Welcome to Tricky Bhai. in this tutorial, i will tell you how you can easily get login details of your friend’s facebook account. This process is very simple and quick. It took me 2 minutes to clone the site and create a phishing page. So let’s start.
What is phishing ?
In this method, the user creates a fake page of the official site or you
can say he clones the site and sends the page’s link to victim. Victim
thinks that it is original Facebook page and enters his username and
password. When he clicks login, the attacker gets his username and
password. Phishing is the easiest method to get the victim’s login credentials and it is the most used method by people all over the world. It can be a complicated process if you want to do it using windows OS. But in case of Kali Linux, it is as easy as ABC.
1. Kali Linux installed or running in Live Mode(if you don’t know how run Kali Linux live or install it to your system then click here).
2. Internet connection(wired or wireless).
1. Right click on desktop and click on Open Terminal.
2. Terminal will open up. Type setoolkit and hit enter.
3. Now it will show you terms and conditions of setoolkit. Press y hit enter to continue.
4. A menu will appear. Enter ‘1’ (Social Engineering Attacks) and hit enter.
5. Again a list will appear. This time, enter ‘2‘ (Website Attack Vectors).
6. Once again a menu will appear, this time type(Credential Harvester Attack).
7. And for last time, type ‘2‘ (Site Cloner) and hit enter.
8. In next step, it will ask you for your IP address. It will be in form of 192.168.x.xxx
9. Enter your IP Address(if you don’t know about your IP Address then click on the arrow on top-right corner, click on wired connected/WiFi, then click on Settings. A box will appear containing your IP Address).
10. After entering IP Address, hit Enter.
11. Now it will ask you for the site which you want to clone. Just enter www.fb.com and hit enter.
12. It will take a few seconds to clone. After cloning, open up your browser(iceweasel in Kali) and enter your IP address. You will see a fake facebook page. Try entering something and logging in. On clicking on login, you will be redirected to facebook(the original one).
13. Now go to file manager>other locations>computer>var>www>html .
14. You will find a text file there. Open it and you will see the details that you filled on your fake page.
15. Now go to tinyurl.com and enter your IP address. Then click on Short it.
16. It will give you a tiny link. Now send this link to your friends and GET THERE ACCOUNT.
LIMITATIONS: You know, everything has a limit. phishing too. The bad part is that this method will only work till your Linux is running. When you will turn your system off, the link will stop working.