Netdiscover and Wireshark

Netdiscover is a tool that sends out ARP requests the same way that a switch or a router does; asking everyone on the network what their IP address is. It allows us to gather all the IP addresses thus providing us the ability to attack those machines we have gathered from NetDiscover.

ARP is a protocol that its used to find out the MAC address of a device from an IP address. Basically, this occurs when some device wants to communicate with another device in a Local Network (i.g. an ethernet network that requires physical addresses to be known before sending packets). The ARP its used by the device that wants to communicate, to “translate” the IP addresses to MAC addresses. Thus, a device sends an ARP request, that contains the IP address of the receiving device, so, all the devices connected to that Local Network segment “see” the message, but, only the device that has the right IP address, answer with the ARP message containing its MAC address, therefore, the sending device now has enough information to send the packet to the receiving device.

Netdiscover

Lets first install this tool using the apt-get install command.

How to understand phishing scams?

 

So, what about phishing scams?

Phishing is one of the most common social engineering attacks that has risen these days.

The following list provides some a few social engineering scams executed via phishing:

  1. Banking Link Scam:

Someone could easily send you an email to trick you to reveal some vital information about yourself. Even one may send a phony link to your bank to you such that you start to believe that your real bank sent it to you. Then, you will feel tempted to enter your user-name and password. In 2015, a campaign named Carbanak was able to get about around a billion dollars from over 30 countries. This information was found by Kaspersky. That is phishing.

What happened precisely is that spear phishing was highly depended on. As a result, workstations got infected through the help of their employees. Hackers were capable of tunneling more rooted into the bank’s systems, taking control over employee stations. This for sure allowed them to manage to transfer cash, to operate ATMs in a remote manner, get the information changed for different accounts, and do some other playful tricks on the reports.

The problem which occurred at that time was primarily due to a phishing email sent to some employees as if it was one of their colleagues who posted it. However, there was a malicious code right behind the scenes. It was able to spread from there widely. In the meantime, everything that happened on the victims’ machines was recorded by the attackers for future use. When proper time came, the attackers could understand everything in the system and get to know what things go where. This made it pretty easy for them when it came to doing several transactions among which was the ATM hits. In addition to that, inflating bank balances then siphoning off that amount was something on the scene such that an account balance for a customer might go from $20,000 to $100,000 and the $80,000 were the earnings of the hacker.

 

  1. Fax Notice Scam:

A phony link to a fake fax is all that it is. However, the damage is enormous when it occurs to your computer as a result. This type of scams appears significantly when it comes to dealing with companies that substantially rely on faxes. Firms that heavily utilize faxes are exemplified by document management firms, title companies, and other companies for insurance and other financial services.

 

  1. Dropbox Link Scam:

Even Dropbox has its surprises with regards to scams. Some security incidents occurred through the year 2014. In one of the cases, what happened is that there was a phishing email sent to victims, asking them to click on a fake link to reset their Dropbox password. After clicking the link, it led the users into a page. There, they faced a warning from the browser saying that their browser is out of date and they need to update it. There was a button where users needed to press to run their update. However, this was the trigger for a Trojan in the Zeus family of malware. Additionally, there was another phishing attack that used Dropbox. Emails were sent to victims having some Dropbox links. On clicking on such links, malicious software like “CryptoWall” ransomware got into the systems.

 

  1. Court Secretary Complaint Link Scam:

This is another phony link which hackers use to trick a customer who falls as a victim of phishing. It is a link that confirms a customer’s complaint. For instance, a phishing email of that sort may include a kind of prediction that a consumer is willing to complain about something very soon. The one who sends the email attempts to grasp the problems that the customer has to further work on them. Using this kind of phishing was in fact very common for quite some time.

 

  1. Facebook Message Link Scam:

This type of phishing trick mainly appears at the time of death time of a celebrity. A link is sent through Messenger or shared through different pages that daisies will be pushed up from the computer through a click on the proposed link.

One vivid example of this occurred when Robin Williams died. Unfortunately, a phishing message through Facebook was hugely widespread among different users tempting them to open a link to watch the Robin Williams goodbye video. The phishing message was really to the point such that even they added more flavor to the title of the link to indicate that it is an exclusive video of Williams saying goodbye through his cell phone. When the user clicked the link, the link drove them into a bogus BBC website page which had nothing but some bad links leading to scam online surveys.

How is it possible for an attacker to attract more victims to the counterfeit website?

There are in fact many methods which an attacker utilizes to get more victims to visit the fake website. Among these methods, the following four tricky methods exist:

  1. The attacker shortens the phishing website to the minimum appropriate length.
  2. The URL gets several shares on social media websites such as WhatsApp and Viber. It is more likely that people will have the incentive to get through these phishing links there because there is no shared awareness of computer security among the users of these social groups.
  3. Many use mostly social engineering here such that people will fall into the trap and open the links.
  4. URLs are sent by the attackers to the victims through emails especially from female names.

Try Certified Ethical Hacker for FREE!!!https://infosecaddicts.com/course/certified-ethical-hacker-v10/

Sources

https://digitalguardian.com/blog/social-engineering-attacks-common-techniques-how-prevent-attack

Hacking GMail Using Phishing Method and Prevention

Novice
$0
Join the infosec family! Your journey starts here. The free tier gives you limited access to our training materials.  
Regular use
$49
This is the second tier that includes limited access to our training materials and to our exclusive lab.    
Risky use
$69
This third tier gives you all the luxuries of the Free use and more. You have access to self-paced classes.  
Monthly use
$89
This last tier gives you the Free, Social and Problem use for just $89 a month. Plus you will save $29!!!

How to Hack Gmail using Phishing Method

 

In fact, a key answer to the proposed question in this article’s title is Wapka. So what is Wapka? It is a free platform for website creation. By using it, Gmail id, browser and IP address of a victim could be all sent. Through this website, a phishing website could be created easily without any much knowledge about PHP or MySql.

 

What do I have to get before getting into the steps?

You have to be aware of the following points before starting the steps which are to be discussed later on in this article:

1. You have to have an email account to be able to register on Wapka

2. You have to be knowledgeable of HTML to some extent.

3. You have to be knowledgeable of Gmail to some extent.

4. You also should be somehow aware of website creation.

5. You have to have a victim as a target for this attack.

What are we about to do now?

We are to create a website that looks exactly like Gmail mobile website. Then, we will receive the victim’s passwords, email id, IP address and browser information, through our email id.

 

Let’s discuss the detailed steps now:

1. Open the Wapka website and get a new account registered on the site.

2. Now, get logged into your new account and navigate through the Site List to create a new one.

3. Type the name of the site, noting that all characters should be in the range of characters a to z  and numbers 0 to 9. Special characters are not allowed.

For example, you can create a username:  newgmail21 and make it @wapka.mobi

4. After clicking “submit”, this should drive you to a screen with two options: either an Admin Mode or User Mode. You should click on “Admin Mode”.

5. A blank page should now appear, which is simply your site to which you have done nothing so far. To start editing your site, click on the link:: EDIT SITE(#):: This link is at the lower rightmost corner of the screen.

6. Click on the Mail form out of all the options which appear to you now.

7. A new screen will appear. You should uncheck “Enable CAPTCHA pictures”.

Now, click “submit”. Also, remember not to set it in admin mode.

8. To make your email id as the destination where the victim’s details will be sent, you need to do the following:

A. Navigate through the site list and click with the cursor on your website name. Without choosing the Admin Mode, you need to scroll down and hit “Source code viewer.”

B. Inside the box, you should type the link to your site. There should appear a screen with some code, search for the word “value=” and take note of the number right beside it.

C. Make the mail form hidden the Admin mode. This could be simply done through the next step, but this is after getting the value=’XXXX..” code.

D. Now click on your site, then choose the Admin mode. You should have a blank site again like what happened before, and now you should also click on “Edit Site”. Afterward, click on              “Users”.

E. Click now on items visibility, and then you should select X from the drop-down menu.

F. Now, download the following code from this link:

https://www.hacking-tutorial.com/tools/subscribers/index.php?id=hckgml

G. Click on your site again and press the Admin Mode. Now, you should press Edit site and choose “WML/XHTML code”. You should now make use of the code you have just downloaded; copy paste it into this section of WML/XHTML code.

I. Remember to get the value=”XXX..” in the code replaced by the one you extracted just now.

9. Now the phishing website is ready as a design, appearance, and even functionalities. Any victim’s details should now get sent to your email which you used while registering on the Wapka website. The email will be received from [email protected] The details that will be sent should include: User-name and password With IP Address and Browser used by the victim.

10. Congratulations! You can now hack the Gmail account. Well done.

 

Where can’t I use Wapka?

There are two locations where the use of Wapka is impossible:

1. Facebook: any Wapka URLs get blocked by Facebook before sharing them. That’s because people on Facebook try to save their clients to the most possible levels.

2. India: the government there blocked the use of this website inside the country. Even surfing the website is impossible inside India. However, they forgot how a proxy site could do all the magic as mentioned earlier no matter whether the website is blocked in a country or not.

 

How can one prevent himself/herself from getting hacked through Gmail phishing?

1. First of all, you’ve got to make sure that the URL starts with “https” in the URL bar. This ascertains that it is a Google site.

2. If there is a link which refers to any “Free Offer, Free Lottery, Free Insurance, Free Net” etc., it is very highly recommended not to click on the link because it may be a phishing site. This is so common on social media websites such as Whatsapp, or even text SMS messages.

3. Don’t press links sent to you in the email just because a girl has sent it to you. This is actually one of the commonly used phishing methods to trick male guys and motivate them to open the link. This method is one of the trickiest methods of social engineering.

4. So, in a nutshell, try not to get yourself into social engineering to avoid being a victim of phishing in general and Gmail Phishing in particular.

Try Certified Ethical Hacker for FREE!!!https://infosecaddicts.com/course/certified-ethical-hacker-v10/

Sources

https://www.hacking-tutorial.com/hacking-tutorial/hacking-gmail-using-phishing-method-and-prevention/#sthash.4LzmArQ2.RNipUpcm.dpbs

Novice
$0
Join the infosec family! Your journey starts here. The free tier gives you limited access to our training materials.  
Regular use
$49
This is the second tier that includes limited access to our training materials and to our exclusive lab.    
Risky use
$69
This third tier gives you all the luxuries of the Free use and more. You have access to self-paced classes.  
Monthly use
$89
This last tier gives you the Free, Social and Problem use for just $89 a month. Plus you will save $29!!!