Hey Folks, In our previous articles we discussed about the installation and some features of the Metasploit tool, but in this article we will discuss the leftover features of this tool. You can check both article from here.
Let’s take a look 😛 !!
Boot Metasploit Pro
Let’s boot up your Metasploit framework and select the “Phishing Campaign” option. Through this feature of this tool we can easily host phishing pages on our localhost web server and get the victim’s credentials easily.
Hmm 🙂 !! We have to give the name of the project which we can give as per our own.
After that we have to name the phishing page which will appear in the link and also on the browser. In our case we give the name of the phishing page as “login“. After that select “Custom Campaign” option and click on “Web page“, a sub-feature of “Custom Campaign” option.
Again, you have to give the same name that we gave in the beginning. Then select the type of attack as phishing and enter the address where you want to redirect the victim.
Move to the content section and click on the “Clone Website” option to clone the entire website in just a second. After that give the name of the website you want to clone and then click on “clone” button.
Great 😛 !! You can see the preview of the clone page side by side and it look like same as original facebook page.
Done 🙂 !! All the work is finished and now we need to start the campaign by clicking on it.
Link 🙂 !! The tool generates a phishing link and places it in the “task log” section. Just we need to send it to the victim.
As you can see in the image below what the phishing page looks like after the victim opens the link.
You can see that the credentials has been submit by the victim twice.
Nice 😛 !! Finally, after opening it, we get the credentials of his social media account entered by the victim. Thus, you can host any social media phishing page on metasploit framework and perform phishing attack easily.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.
3 thoughts on “Metasploit Pro – Create Phishing Campaign and Get Social Media Credentials”
Thank you another great tutorial. Could you please do a guide on the best way to send the link to the target. All the phishing tutorials end with sending the link, but what’s the best way to send the link?
you can use free services such as : ngrok, servo.net and many more
if you want to send link to the victim then you have to use some social engineering techniques such as :
1. send through whatsapp with outside country number.
2. send through email address for that you can check our article.
3. send via sms