Module 04: Social Engineering Penetration Testing Methodology 1

Module 04: Social Engineering Penetration Testing Methodology

Objective

The objective of this module is to help students learn different techniques to gather information about a user. You will learn how to:

• Perform social engineering to obtain user credentials

Scenario

The main objective of social engineering penetration testing is to check the loyalty of employees in the company, their awareness regarding social vulnerabilities, ability to comply with the security policies and the application of their security training. The testers can use different techniques involving the use of phones, physical and internet-based engagements with the employees. To perform social engineering pen testing, testers must gather all the information of the victim and use this information to gather sensitive organization data.
As a penetration tester, you must have knowledge of how to crack cloned malicious login pages, mask the cloned webpage URLs and entice the employees in an organization to click them

Exercise 1: Collecting Sensitive Information about a Target Using Social Engineering Toolkit (SET)

Scenario

Social engineering is an ever-growing threat to organizations all over the world. Social engineering attacks are used to compromise companies every day. Even though there are many hacking tools available with underground hacking communities, a social engineering toolkit is a boon for attackers as it is freely available to use to perform spear-phishing attacks, website attacks, etc. Attackers can draft email messages and attach malicious files and send them to a large number of people using the spear-phishing attack method. Also, the multi-attack method allows utilization of the Java applet, Metasploit browser, Credential Harvester/ Tabnabbing, etc. all at once.
Though numerous sorts of attacks can be performed using this toolkit, this is also a must-have tool for a penetration tester to check for vulnerabilities. SET is the standard for social-engineering penetration tests and is supported heavily within the security community.

As an Information Security Auditor, penetration tester, or security administrator, you should be well versant with the Social Engineering Toolkit to perform various tests for vulnerabilities on the network and take proper measures to recover them.

Lab Duration: 20 Minutes

1. Click Kali Linux (External Network).
   If Kali Linux lock screen appears, click on the screen and press Enter. If it does not appear, skip to the next task.
   
2. Type root in the Username field and click Next.
   
3. Type toor in the Password field and click Sign In.
   
4. To launch Social Engineering Toolkit (set), type setoolkit and press Enter.
   
5. Social Engineering Toolkit terminal window appears, as shown in the screenshot.
   

   If you see any python related errors, ignore them.

   
6. Select from the menu: options appears, type 1and press Enter to select Social-Engineering Attacks.
   
7. Now, type 2 to select Website Attack Vectors, and press Enter.
   
8. In the next set of menu, type 3, and press Enterto select the Credential Harvester Attack Method.
   
9. Now, type 2 and press Enter to select the Site Cloner option from the menu.
   
10. Type the IP address of your Kali Linux (External Network) machine, in the prompt for IP address for the POST back in Harvester/Tabnabbing, and press Enter. In this example, the IP is 192.168.0.7.
    
11. In Enter the url to clone, type http://www.luxurytreats.com, and press Enter.
    

    As there is no Live Internet connectivity in iLabs enviroment, we are using local sites hosted in the network as an example.
    In this lab we are using luxurytreatswebsite which is hosted on the Web Server Subnet C machine.

    
12. This will initiate the cloning of the specified website.
    The cloned website is placed in /var/www/htmldirectory.
    

    If Do you want to attempt to disable Apache? [y/n] request appears, type Yand press Enter.

    
13. Select Advertisement Dept. Subnet D and Sign in as Administrator. For doing this, click Advertisement Dept. Subnet D, click Ctrl+Alt+Delete.
    
14. Select Administrator user in the login window.
    
15. In the logon box, click Pa$$w0rd in the password field and press Enter.
    
16. Click on the Close button at the top right corner of the Server Manager window to close it.
    
17. To launch Google Chrome browser, double-click Google Chrome icon on the Desktop.
    

    You can launch any other browser for this exercise.

    
18. Google Chrome window appears; now type http://192.168.0.7 in the address bar and press Enter.
    
19. A replica of luxurytreats web page is presented, as shown in the screenshot.
    

    IP address of the target machine (Kali Linux (External Network)) is displayed in the address field in spite of the legitimate URL http://www.luxurytreats.com

    
20. Enter the credentials to Log In to the website. Here the credentials given are:
    UserName: adam
    Password: diamond
    Click Login or press Enter.
    
21. It does not allow logging in; instead, it redirects you to the legitimate page of http://www.luxurytreats.com.
    Close the Browser window.
    
22. Click Kali Linux (External Network) machine.
    As soon as the victim (you) types in the credentials, and clicks Login, the SET fetches the entered credentials as shown in the screenshot which can be used by an attacker to gain unauthorized access to the victim’s account.
    
23. Close all the windows and applications in both the machines.

In this lab you have learnt how to extract the passwords.