Settings
Log out
Sometimes a hooked browser can be more vulnerable to phishing attacks.For eg.
In this session we are going to see how an attacker initiates a phishing attack to a hoocked browser using BeEF framework by sending commands.
Senario:
The victim is browsing some webpage and all of a sudden he is asked to provide some social networking passwords. If the victim is naive and thinks that this webpage is legitimately requesting for that social networking password, he might give the credentials and he can see nothing strange but his credentials will be sent to the attacker. These kinds of attacks are not legal, but being a hacker we should know how these attacks happen, so that we can find a solution to fix this issue.
Now that we have hooked the target's browser, we can execute some of the built-in modules from the "Commands" tab.
There are over 300 modules, from browser hacks to social engineering, including, but certainly not limited to:
When you find a module you want to use, select it, then click "Execute" under its description. As an example, I'm going to use the "Google Phishing" module in the "Social Engineering" folder.
After executing it, a fake Gmail login page will appear in the hooked browser. The user may not think twice about inserting their username and password, and once they do, we log it. Afterward, they are directed back to Google's site as if they logged in regularly.
To find the username and password we logged, just click on the command in the Module Results History column. For me, I see the user and the password. You can also view this information from the "Logs" tab.
If we wanted to, we could customize the URL that the Google Phishing module uses, in case you want to use something more believable than the old-style Gmail interface.
Once we have the browser hooked, there are almost unlimited possibilities of what we can do. You could even leverage BeEF for operating system attacks.