Spear phishing attack vector – Setoolkit

When it comes to cyber security threats, spear phishing has emerged as a very effective attack vector. Unlike traditional phishing attempts that cast a wide net, spear phishing is a targeted attack that focuses on specific individuals or organizations.

What is Spear phishing attack?

Spear phishing is a type of cyber attack that involves sending personalized, deceptive emails to specific individuals or groups. Attackers carefully research their targets and collect personal information such as names, job titles, and recent activity to make their messages appear legitimate. By using this information, spearfishers create a sense of trust and credibility, increasing the chances of falling for the scam.

Techniques Used in Spear Phishing

Spear phishing attacks use a variety of techniques to trick their targets into divulging sensitive information or taking actions that could compromise their security. Here are some common techniques

Email Spoofing: Attackers often spoof email addresses to make their messages appear to come from a trusted source, such as a colleague, a bank, or a reputable organization.Social Engineering: Spear phishers use psychological manipulation to exploit human vulnerabilities. They may impersonate a trusted individual, create a sense of urgency, or exploit current events to increase the likelihood of their victims taking the desired action.Malware: Spear phishing emails may contain malicious attachments or links that, when clicked, install malware on the victim’s device. This malware can steal sensitive information, provide unauthorized access, or disrupt operations.

How to do spear phishing attack with setoolkit

The setoolkit tool has a spear phishing attack module pre-installed. So we can execute this attack with setoolkit tool. However, in this tool, you need to run the Sendmail package on Linux to run a spear phishing attack without any errors.

Step 1: Install sedmail

Just type this below command to install sendmail package

sudo apt-get install sendmail

Output for installing the sendmail pckage on linux

And now change the config/set_config SENDMAIL=OFF flag to SENDMAIL=ON. So type this below command on your terminal.

sudo sendmailconfig

Output for set sendmail config

Once you install sendmail config then start it so type this below command in your terminal

sudo service apache2 restart

Output for start apache2 server

That’s it. the sendmail installetion was completed

Step 2: Run the setoolkit

First, you open your terminal and type the below command, this command will enable you to run setoolkit in your terminal.

sudo setoolkit

Output for running the setoolkit

Step 2: Run the spear phishing

After running setoolkit tool you can see 6 options. To select the Social-Engineering Attack module which can be first in it, type 1 and press the enter button.

Output for selecting the social engineering attack vector

After selecting the social engineering attack vector you can see 10 attacking modules. To select the first possible Spear-Phishing Attack Vector, type 1 and press the enter button.

Output for choosing spear phishing attack vector

Step 3: Run the spear phishing attack

Once you complete the all above process you choose first option 1. Perform a Mass Email Attack

Output for choose the mass email attack

Now you can see lot’s of payloads. you can choose which payload you want, but I choose 1st payload. Once you choose payload It will ask IP address so type your local IP address or Ngrok IP address.

Output for set payload ip address

Once you type ip address it will ask which injection type you will choose so select which you want. i choose 1st one.

output for choosing the injection type

Now type port number and Select the payload you want to deliver via shellcode injection

Output for set port number

The DLL Hijacker vulnerability will allow normal file extensions to call local (or remote) .dll files that can then call your payload or executable. In this scenario, it will compact the attack in a zip file and when the user opens the file extension, will trigger the dll and then ultimately our payload. During the time of this release, all of these file extensions were tested and appear to work and are not patched. This will continuously be updated as time goes on. Now Enter the choice of the file extension you want to attack

Output for set the file extension

Now you need to set output file name and choose file format. see the below image

Output for choosing the file formate

Now you choose email attack type mass or single

Output for choosing the email attack type

Once you choose the email attack. then now you choose email template with the below options

Output for choosing the email template

Now type you target victim email address to sent this payload

Output for choosing the mail or server

Once you type your victim email address this tool will give two option to you if you have own server means choose 2nd option that’s better or else choose 1st option use any fake email account but the email account have this following condition.

Email account should not enable two way factor authenticationEmail account must be enabled less-secure-app

That’s it. If you have done all the above steps correctly then your payload will be sent to your target via email.

If your target clicks on the payload you sent, you can remotely access their device.

Output for get victim seesion

I hope you find this post very useful and if you have any doubts regarding this post you can ask me through the command section given below.

The post Spear phishing attack vector – Setoolkit appeared first on CybertechHack.