Social Engineering Attacks - Web Clone / Harvesting Credentials

1. run your backtrack

2. run set app

cd /pentest/exploits/set

./set

3. choice "Social-Engineering Attacks"

4. choice "Website Attack Vectors"

5. choice "Tabnabbing Attack Method"

6. choice "Site Cloner"

7. write website you wanna clone,

ex,

http://gmail.com

8. go to google url shortener and put your computer/attacker IP,

http://goo.gl/

9. copy the your url shortener

10. give the url to your victim. see your set window, if they take the bait, suppose to be you will get their Gmail username and password.

11. good luck… May The Force be with you…!!!