Johanes Ronaldo

Just another Binusian blog site

Archive for May, 2018

Ethical Hacking Week 10


This week we are going to make a website that will be used for phishing. The tool that we are going to use is SET, which is already installed in Kali Linux. The purpose of this tool is to get the username and password information of the person being attacked.

First, enter the command to start the tool.

Read the agreement and type ‘y’ to agree. Keep in mind that this tool should not be used for evil and doing so will violate the agreement.

You will then see the main menu of the tool.

From here, proceed by typing ‘1’, which will enter the ‘Social Engineering Attacks’ menu.

Here is the ‘Social Engineering Attacks’ menu. Now type in ‘2’ to enter ‘Website Attack Vectors’.

Then choose ‘3’ to go to ‘Credential Harvester Attack Method’. Here is the description of ‘Credential Harvester Attack Method’. Explanations of the other attacks also appear above this menu.

You will then see this menu. Click on Site Cloner.

You should then see a similar page. This shows what my IP address is, which is 10.0.2.15, and we can enter the URL we want to clone. I chose to clone www.facebook.com. If you are asked whether you want to disable Apache, type ‘y’, otherwise the tool will crash and you will have to try again from the beginning.

Once you see this line, you can open the IP address and see the cloned website.

Open your browser and type in the IP address. You can see I have successfully cloned Facebook. However, if you look closely at the URL, it is the IP address, not facebook.com. Let’s try putting in the email and password.

Once I have entered the email and password, it redirects to the real facebook.com. This creates the illusion that there has been an error on Facebook’s part, and people would type in their email and password again, not suspecting anything. What they do not know is that I have already obtained their email and password and can view them from the terminal.

This is how a hacker can obtain information about a user through social engineering. To avoid this, always check the URL of a website before entering any information. Do not trust an email from a sender that you do not know. Lastly, stay away from spam email as much as possible.
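The URL check recommended above can be written down as code. This is an added example, not part of the original post: the function name, the finding labels and the sample URLs in the test are constructed, and the only values taken from the post are 10.0.2.15 and facebook.com.

```python
import ipaddress
from urllib.parse import urlsplit


def login_url_findings(url, expected_domain):
    """Return the reasons a URL should not receive credentials meant for
    expected_domain. An empty list means the host checks passed."""
    findings = []
    # A bare address typed into the browser (as in the post) has no scheme.
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").rstrip(".").lower()

    if parts.scheme != "https":
        findings.append("not-https")
    if parts.username or parts.password:
        # Text before '@' is not the host, even if it looks like a domain.
        findings.append("userinfo-in-url")
    try:
        ipaddress.ip_address(host)
        # The cloned page in the post was served from a raw IP address.
        findings.append("ip-literal-host")
    except ValueError:
        # Accept the domain itself or a true subdomain of it, nothing else.
        if host != expected_domain and not host.endswith("." + expected_domain):
            findings.append("host-mismatch")
    return findings


if __name__ == "__main__":
    for sample in ("10.0.2.15", "https://www.facebook.com/login.php"):
        print(sample, login_url_findings(sample, "facebook.com"))
```

The comparison is on the parsed hostname, not on whether the expected name appears somewhere in the URL string, which is why a host that merely starts with the expected domain is still reported as a mismatch.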

Written by jronaldo

May 25th, 2018 at 1:23 pm


Ethical Hacking Week 9


Now that we have successfully installed DVWA, we will learn how to use this tool. The first thing that we have to do is start the apache2 and mysql services. If you are reading this part right after installing DVWA, you do not need to start the services again.

Now open the browser and enter localhost/login.php. You will see a page asking for a username and password.

By default, the username is ‘admin’ and the password is ‘password’. Click Login and you will see the DVWA homepage.

Now we can see methods that we could try, such as “Brute Force”, “SQL Injection”, and many others. Before trying the different methods, we need to set the level of security. Click DVWA Security and set it to Low.

Command Injection

Security Level: Low

Now let’s use “Command Injection” and see the following page.

Try entering an IP address. (I used google.com.)

You should see the result of the ping. Now we know that this is similar to opening the terminal and running the command “ping www.google.com”. Now let’s try finding the user ID. As a Unix command, this would be “ping www.google.com; id”, so let’s try putting “www.google.com; id” in the text box.

We can see the result and find our user ID, which is 33. Now click the “View Source” button at the bottom of the page to see the source code.

Security Level: Medium

Now let’s change the security level to Medium and try the same command again. You will find that it does not give you any result. Click on the “View Source” button at the bottom of the page.

We now have a set of blacklisted characters, which means that ‘&&’ and ‘;’ are blacklisted and removed. This means that the command that runs is not “ping www.google.com; id” but “ping www.google.com id”. Let’s try running that command in the terminal.

 The command failed.

So what can we do? Since we know that ‘&&’ and ‘;’ are blacklisted, we should use a character other than ‘;’. Let’s try “www.google.com | id”.

We now get the id without using the ‘;’ character. This solves the Medium security level.

Security Level: High

Set the DVWA security level to High and enter “www.google.com; id” in the ping service. The result is missing again, so let’s check the source code.

The number of blacklisted characters has increased. Now it seems that you cannot obtain the result. However, if you look closely at one of the blacklisted entries, “| ”, you can see that it is ‘|’ followed by a blank space. Let’s go around this by using “www.google.com|id”, placing the id directly next to the pipe. It should work, as the terminal does not care whether there is a space or not.

We can see that the ping works and we have solved the High DVWA security level.
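The three levels above show why removing blacklisted characters does not stop command injection. The sketch below is an added example, not DVWA’s own source: it replays the inputs from this post through blacklist filters modeled on the ones described and compares them with allowlist validation, where only a literal IP address is accepted and the shell is never involved. The function names are hypothetical, and the High list is constructed; the post only confirms that it contains ‘| ’.

```python
import ipaddress

# Blacklists modeled on the post. MEDIUM removes '&&' and ';'.
# HIGH is a constructed, longer list: the post only confirms the '| ' entry
# (a pipe followed by a space); the other entries are assumptions.
MEDIUM = ["&&", ";"]
HIGH = ["&", ";", "| ", "-", "$", "(", ")", "`", "||"]


def blacklist_filter(user_input, blacklist):
    """Strip each blacklisted substring in list order, as the post describes."""
    for bad in blacklist:
        user_input = user_input.replace(bad, "")
    return user_input


def still_injects(filtered):
    """True if a character that chains or pipes shell commands survives."""
    return any(ch in filtered for ch in ";|&`$\n")


def allowlist_validate(user_input):
    """Accept only a literal IPv4/IPv6 address; raise ValueError otherwise."""
    return str(ipaddress.ip_address(user_input.strip()))


def build_ping_argv(user_input):
    """Argument list for subprocess.run(argv): no shell parses the input."""
    return ["ping", "-c", "4", allowlist_validate(user_input)]


def audit(payloads):
    """Report, per input, whether it gets past each defence."""
    report = {}
    for p in payloads:
        try:
            allowlist_validate(p)
            allowed = True
        except ValueError:
            allowed = False
        report[p] = {
            "medium": still_injects(blacklist_filter(p, MEDIUM)),
            "high": still_injects(blacklist_filter(p, HIGH)),
            "allowlist": allowed,
        }
    return report


# Inputs taken from the post, plus one benign address (constructed).
PAYLOADS = ["www.google.com; id", "www.google.com | id",
            "www.google.com|id", "8.8.8.8"]

if __name__ == "__main__":
    for payload, result in audit(PAYLOADS).items():
        print(f"{payload!r:24} {result}")
```

Only the plain address passes the allowlist, while each blacklist lets at least one of the post’s inputs through with its pipe intact.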

Written by jronaldo

May 25th, 2018 at 8:40 am


Ethical Hacking Week 8


This week we learn about one of the steps in hacking, which is social engineering. Social engineering is the act of gathering information by way of communication. There are several ways to gather information through social engineering. One way is to befriend someone who works at the place you are targeting. When you befriend someone and make them trust you, they may sometimes unconsciously slip up and tell you confidential information about the company. Even small things, such as knowing the name of a higher-up, can be good information; one way to use this is to pretend that you are assigned to one of the projects given by this higher-up.

We also learn the difference between interviewing and interrogation. In an interview, the person being interviewed acknowledges that they are being interviewed and has set up a meeting beforehand, while in an interrogation, the person interrogated has not scheduled the interrogation beforehand. They may sometimes get violated physically, and they do not agree to be interrogated.

Today we learn about a hacker called Kevin Mitnick.

Social engineering can also be used to escape danger, as Kevin Mitnick did. He was once a hacker and was imprisoned for 5 years due to his hacking activity. He used his own social engineering skill to escape the FBI once, by saying that the person the FBI was searching for was not him and that he could prove it by checking the mailbox name. He is also known for hacking communication devices, which allowed him to be one step ahead of the FBI. He is now a computer security consultant to the government and an author. He also created a security firm called Mitnick Security, which helps test companies’ security and seek potential loopholes.

Here is a video of a live hack he does to intercept and read an email.

Written by jronaldo

May 1st, 2018 at 7:10 pm


Ethical Hacking Week 7


This week we are going to be installing DVWA (Damn Vulnerable Web Application). What we need to do first is download the DVWA archive.

Once we are done installing it, move the file to a directory that is easier to read.

Give write and execute permission on the folder.

Now let’s create a database and an account. Enter these two commands and press Enter when asked about the password, as the password for root is blank, then enter the commands to make the database and account.

Once that is done, stop the mysql server.

To install DVWA you will need a PHP module that does not exist in Kali Linux, which means that you have to install it. Use the following command to do so.

(If you are using PHP v7, then use apt-get install php7.0-gd.)

Now enter this command to edit the database, and add the captcha keys for your database.

We are almost done. Now edit the main config file using the command below. (The location of php.ini differs according to the version of PHP.)

Change the “allow_url_include” line to On.

Start the server and database.

Open localhost/dvwa/setup.php in the browser.

Check the DVWA installation here. Click the “Create / Reset Database” button and you will be redirected to the login page. Enter the credentials and you are ready to use DVWA!

*By default the username is ‘admin’ and password is ‘password’.

https://medium.com/@TheShredder/create-your-ethical-hacking-environment-install-dvwa-into-your-kali-linux-4783282dea6a

Written by jronaldo

May 1st, 2018 at 6:34 pm
