Phishing Attack Lab 3 Part 2

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

1 hour 1 minute
Video Transcription
I have one. Welcome back on the course. So in the last video, we went ahead and started setting up our SC tool kit or a social engineering tool kit. So we went ahead and watch Callie limits in this lab environment here. We went ahead and launch the actual tool. Something started configuring it to deliver our attack. No, If you haven't watched that video, you're definitely pause this video. Go back to that
because number one, you won't be able to complete this part of the lab.
And number two, it will make a lot more sense if you started square one.
All right, you'll notice that the payload has finally generated in the background. There takes several minutes I'm noticing. Kind of varies. So some. Sometimes it might take just a couple of minutes. Sometimes it may take upwards of like, 15 or 20 minutes, I will say, just
on my personal preference. If it's taken like over 10 minutes, I usually just cancel the lab. Launched the lab again, go through all the steps till this point and then, in most cases it'll actually generate the payload In just a couple of minutes. When I do that. So I'm not sure why that is, but that's one way to work. Kind of work around it if it's taken forever to generate the payment.
All right, so now we're had stepped 24 of our step by step lab document. Again. This is available. The supplement of resource is section for a download. I've always included those in the courses on That way, you could just walk through it on your own pace.
So now we're gonna do is want to rename the file. So we want to call a file that we're creating PC fixed, not zipped up. Pdf. So we're just gonna click Number two was our option here to rename the file, because you know what? At the end of the day, we want to be cool, right?
So press number two in there and press the enter key.
Now, it's gonna ask you for that File names were just gonna type in pc fix
dot zip
dot pdf. Now, obviously, most and users least we like the thing. So most enduring and users are going to notice a file like this and say that doesn't look right. But for our purposes, it doesn't matter too much. What we're calling it, we just are gonna do is kind of the standard naming convention for this particular lap.
So just like that in there, So PC fix dot zip dot Pdf impressed entering the keyboard.
All right, so now we have a couple of different options here. We could do a mass male heir. We actually just want to send this to a single email address because that's the email address we're gonna be putting in. And that way we can essentially target ourselves on this particular lap.
So just press one there and press enter.
And now it's gonna ask this Do you want to use a predefined template, or do you want a craft like your own individual one time template. So for our purposes, we want to be a little lazy in this Last one is from type one and press enter.
And now we're gonna have some different 10 place we can you choose from. So
for this lab, we're gonna pretend we're like the admin, or, you know, like the i t. Help Destined to speak. And so we're gonna use option number three here saying, Hey, there. Strange Internet usage from your computer. Click this, you know, document for more information, Papa thing.
So this type in three impress enter on the keyboard. Now let's go back to our lab documents. You can see kind of where we've gone so far.
So were we just completed Step 29. We talked that three in there to choose the messages says strange Internet usage. And now we're gonna type in the email address. So this hr organization dot com that's actually the email address we're sending it to. And then, as I mentioned before, we're going to be pretending that we're the admin, and that's who's gonna be sending the
So here we're in type in h r
at organization
Now, if you're in a different country outside the U. S. You know what, the UK or something you might be putting an s there instead of a C. That shouldn't matter too much for the purposes of this lab. You should be good to go.
All right. So once he taught that in, just press enter on the keyboard there, that's gonna ask you, do you want to use, you know, like a Gmail account for your email? attack, which I don't know why you ever would, um, or use your own server open. Rely. So we're gonna go ahead and just use our own server or open relay. So just pressed to there and press enter.
All right, So now he wants to know the from address, and as a mention, we're gonna be sending it from the abdomen accounts where it's going. Type in admin
at organization.
All right, what you taught that in? We're just gonna press enter on the keyboard,
and then it's gonna want to know, Like, what's the actual from name? Now, we're to put Adam in here, But, you know, obviously, if you're doing this for Riel, you'd be putting somebody in the organization's name. So maybe the CEO and telling a secretary like, Hey, you need to send me this money real quick. You know, whatever the case may be, you're gonna have to craft this specifically for your target.
But for our example, weakened issues admit. So he's contacted admin in there and press enter.
Now, we're just gonna leave the default username and password for the open relay. We're gonna leave those blanks, or it's gonna press enter here and then enter one more time for the password.
Now he's gonna ask us for an I P address, So smt SMTP email server address.
So now in our lab document. We going way down here. So now we're at step 37 right here. So we're gonna type in this I p address here.
Type in 102.168 dot 1.75 So tight that in 192.168
0.175 and then just press it the enter key. We're gonna have a couple of questions coming up here. So we're press enter here to leave. The default port is 25 for S and T P
and then you'll see that we have a couple of questions here. Do you want to flag? This message is hyper. You know, if you're doing any actual phishing email attack, you always want to create some kind of sense of urgency. You know, it might be something as simple as hey, you gotta, you know, quick this coupon deal right now, you know it's gonna end in 24 hours
or it could be something is Hey, this is, you know, high priority email
as we're gonna be doing here. Make sure you open it because, you know, it's urgent thing from, you know, the anti help desk of wood. So we're gonna type of why there are you? Yes.
It's gonna kind of run for a second here. We should get one more prompt for another question here. Might take a moment or so. While it's doing that in the background there, we're gonna take a look at our step by step guide.
So we just did step number 40 here. So you'll see. Step 40. Here. We have that. Do you want to flag? This message is high priority. We said yes to that press. Enter and you'll see. It took some time and usually takes about 5 to 10 seconds or so. That is going to give you this. Set up a list? No. Prompt. Here it step 41 where you do the same thing here. We do want to set up a listener.
So we're just going to say yes here.
Impressed. Enter.
All right, So it's gonna actually go ahead and start the listener. Now what we're gonna do is we're gonna go overto our victim machine and I should go ahead and log in and open this email that we just said.
So you'll see her and step forward here. We want to click the machines tab
on the right side here
and log into our window seven machine.
So the password here is going to be just the word password all over case, and that's in the step by step lab guide for you. Now you're gonna see a bunch of little pop ups here. You'll get the activate now thing. Just click Asked me later is kind of x out of this or click OK, you'll get one more pop up, usually about restarting your computer to say restart later.
All right, now we're gonna go in launch Google Chrome here on the desktop.
Hey, we're gonna type in this address right here. So here in step 47 were type of this H t t p s
colon force eyes forward slash 1 92.168 That wound up 75 Let's go and type that in now.
So https
Colon Ford's last four slash 192.168 dot 1.75
and then just press and turn to keep
It's gonna take a moment or so dashing pull up that page and it's actually gonna give us an heir message first letting us know that the pages entrusted and we're just gonna basically bypass that and we're gonna click the proceed to the I. P. Address there, you know, it says unsafe in parentheses. So the way we do that, just click this advanced option here,
and then click right here at the bottom. Where says, proceed to that I p address that's going to take us to a log in page
and in their type in this username of passwords of this T. Smith and then this password right here
we're type in T. Smith.
And then I like turtles for the password all over case.
And in case you're wondering, yes, I do like turtles, But I did not create that passed.
All right, let's click on signing or hit the enter key on your keyboard.
I was gonna go ahead and log. Assume there.
You'll see. We have our email of background there. I'm gonna go ahead and stop. Video here will finish out this lab in the next video. Now we're gonna open a reverse command shell, but we're not can actually do anything with that. So I just want to stress that we're not gonna do anything with it. We're just gonna open up that shell. That's kind of our goal for this lab.
Up Next
Social Engineering

We will explore some fake social media profiles, craft our very own phishing email and malicious payload using the Social Engineering Toolkit (SET) in Kali Linux, and play the “victim” by opening the malicious file.

Instructed By