2+

Hey Folks, In this tutorial we are going to talk about an credential dumping tool but it is quite different from the others tool because it is designed to grab the lock screen pins of the smartphone by phishing attack. Through this tool we can get lock screen passwords of various operating systems like: Android, Window and iOS etc. This tool is useful for the person who wants to enter the system but they do not have credentials.

Lets take a look 🙂 !!

Installation

It’s an open source tool which you can download it from the github by using the following command. After downloading is done we will go to the directory and boot this tool directly with the help of bash command.

Windows

We do not have to do anything because it will do it automatically and give us the final link that we must share to the victim.

The following message will be appear after opening the URL by victim.

The login prompt will be activated as soon as the victim clicks the “redirect” message on the browser. Yaa ! really its look like exactly same.

Great 🙂 !! When the victim enters his credentials to enter or login into the system then he will come to us.

Android

We do not need to run this tool again to perform the same attack for android devices. Now we send the same link to the victim.

Boom 🙂 !! You can see that we have successfully got the lock screen credentials of the victim android phone. Similarly, if the victim is using another operating system then it will identify itself and make phishing accordingly.

About the Author
Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.

Leave a Reply