Penetration testing using social engineering
In my opinion, social engineering penetration testing is the most exciting sort of testing. Social engineering is the manipulation of human psychology to exploit vulnerabilities and influence behavior. A social engineering penetration test may involve sending phishing emails, making phishing phone calls, or gaining access to protected facilities to assess the potential impact of an attacker targeting workers. There are a variety of social engineering attacks, which include:
Network penetration testing (external and internal)
Network penetration testing aims to detect security flaws in a specific environment. The test looks for holes in the target organization’s systems, networks (wired and wireless), and networking devices such as switches and routers.
Network penetration testing can be used to complete the following tasks:
• Bypassing an Intrusion Detection System (IDS)/Intrusion Prevention System (IPS)
• Bypassing firewall appliances
• Password cracking
• Gaining access to end devices and servers
• Exploiting misconfiguration on switches and routers
Cloud penetration testing
Cloud penetration testing entails assessing security threats and testing cloud platforms for flaws that could expose sensitive information to unauthorized users. Before engaging with a cloud platform, confirm you have legal permission from the supplier. Penetration testing on the Microsoft Azure platform requires legal clearance from Microsoft due to the potential impact on other users and services in the data center.
Physical penetration testing
Physical penetration testing evaluates access control methods to safeguard an organization’s data. Offices and data centers have security systems in place to prevent illegal access. Physical security controls consist of the following:
• Security cameras and sensors: Security cameras are used to monitor physical actions within an area.
• Biometric authentication systems: Biometrics are used to ensure that only authorized people are granted access to an area.
• Doors and locks: Locking systems are used to prevent unauthorized persons from entering a room or area.
• Security guards: Security guards are people who are assigned to protect something, someone, or an area.
Credential Harvesting Using Site Cloning.
Objective:
Discover the method for obtaining credentials by using a replicated website.
Purpose:
Credential harvesting involves secretly collecting sensitive information from a target, such as passwords or answers to security questions, without their knowledge.
Tool:
Kali Linux
Lab Topology:
For this lab, you can utilize Kali Linux within a virtual machine.
Lab Walk-through:
Step 1:
The first step is to boot your virtual machine and launch Kali Linux. After it is up and running, open a terminal and start the “SET: Social Engineering Toolkit” by typing as the root user:
setoolkit
When the “Do you agree to the terms of service [y/n]” message appears, type “Y”.
First, update the SET utility to get the latest features by choosing option 5.
Step 2:
Navigate through the main menu by selecting option 1 for “Social-Engineering Attacks,” and option 2 for “Website Attack Vectors.” Next, opt for option 3, the “Credential Harvester Attack Method,” when prompted on the subsequent screen.
Step 3:
In the following menu, select option 2, “Site Cloner,” as we will clone a website to harvest the victim’s credentials for this lab.
Step 4:
SET will prompt you to provide your IP address to facilitate sending POST requests from the cloned website back to your machine. Typically, SET can automatically detect your IP address. If your Kali node has multiple IP addresses, you can identify the desired one by opening a new terminal and running “ifconfig”.
After indicating to SET that you want to clone a website, it will request the URL of the site you intend to clone. You can enter any site of your choice. For this lab, the example site used will be https://www.facebook.com.
Step 5:
After entering the URL, SET will clone the website and show all the POST requests from the site in this terminal. Now, proceed to access the cloned site.
Step 6:
To access the cloned site, launch Firefox on your Kali machine and enter your local IP address into the browser. This will display the cloned Facebook login page. Enter any random username and password into the provided fields, then click on “Log In”.
Step 7:
Lastly, return to the terminal where SET is active. Scroll through the output of numerous POST requests sent from the cloned site. Look for the sections labeled “username” and “password”. Here, you will find the username and password you entered on the cloned site displayed in clear text.
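Seen from the defender's side, the property this lab relies on (Step 4: the cloned login form posts to the tester's IP address, not to the real site) can be checked mechanically. The Python below is an added example, not part of the original lab or of SET; the function names, the sample HTML and the values 192.0.2.10 and www.example.com are constructed for illustration.

```python
from html.parser import HTMLParser
from ipaddress import ip_address
from urllib.parse import urljoin, urlsplit

class FormScanner(HTMLParser):
    """Record [action, has_password_field] for every <form> on a page."""
    def __init__(self):
        super().__init__()
        self.forms, self._open = [], None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._open = [a.get("action") or "", False]
            self.forms.append(self._open)
        elif tag == "input" and self._open and (a.get("type") or "").lower() == "password":
            self._open[1] = True
    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None

def is_ip_literal(host):
    try:
        ip_address(host)
        return True
    except ValueError:
        return False

def audit_login_page(page_url, html, expected_hosts):
    """List reasons a password form would send credentials somewhere unexpected."""
    scanner = FormScanner()
    scanner.feed(html)
    findings = []
    for action, has_password in scanner.forms:
        if not has_password:
            continue
        # An empty or relative action posts back to the host serving the page.
        target = urlsplit(urljoin(page_url, action))
        host = target.hostname or ""
        if target.scheme != "https":
            findings.append("cleartext submit: " + target.geturl())
        if is_ip_literal(host):
            findings.append("IP-literal submit host: " + host)
        elif host not in expected_hosts:
            findings.append("unexpected submit host: " + host)
    return findings

# Constructed sample pages (not captured from any real site or tool output).
CLONED = '<form action="http://192.0.2.10/" method="post"><input name="u"><input type="password" name="p"></form>'
GENUINE = '<form action="/login" method="post"><input name="u"><input type="password" name="p"></form>'
```

The same check can run in a mail gateway or proxy sandbox against pages that users are linked to, with `expected_hosts` set to the organization's real login domains.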