Penetration testing without authorization is illegal. This is how hackers perform mass email attack. If you chose HTML message then add the HTML tags as well. P for plain text or H for html Enter the body textĮnter the body of the email here. Now the SET will ask you if you want the body of the message to be HTML or Plain Text. Now SET will ask you to enter the subject of the email. Sometimes this may be effective, but it could also make the victim suspicious, so we suggest using this option only when it suits your needs. Now the SET will ask you to enter the password for the email account.Īfter entering the password, you have the option to specify this message as high priority. This could be “Admin” in case of a spear-phish attack. Pay specific attention to this field, as this where the actual social engineering takes place. This is the name that will flash first in front of your victim. Next, enter the name that you want the email recipients to see in their Inbox. The email address and password must be correct. Option 1 : Use a Gmail account for email attackĮnter the Gmail address you want the mass attack sent from. If you have a self-email / SMTP server feel free to explore the other options. After selecting the terms, we are now selecting the first option as social engineering attack as follows. After opening the SET now in this step, we accept the terms of the SET as follows. Now select Option 1 as we will be using a Gmail account for sending the mass emails. To open the SET, go to the applications -> social engineering toolkit -> SET. The easiest way is to drag and drop the email_list.txt file into the terminal. Now you need to define the path to the email list. First, we have to boot up Kali Linux and from Applications choose Social. Simply open the terminal and type: se-toolkit In this article, we will explain to you how to create a reverse shell backdoor using a social engineering toolkit. Now I will open Social Engineering Toolkit, SET: If you don’t have an email list, please refer to this link to view my tutorial on Email Harvesting : Click Hereįor this tutorial we will be using email list file: email_list.txt To begin the mass email attack, we first need a list of email addresses, either one that we’ve compiled or one supplied to us by the organization we are conducting the penetration test for. In this post I will be sending mass emails using Kali Linux and SET (Social Engineering Toolkit) There are many software options available for bulk mail sending but the best tool on the market is already present in our favorite penetration testing OS : KALI Linux While phishing, penetration testers often need to send bulk emails to the employees of the organization who requested the penetration test. Certainly we need to send mass emails during phishing tests. Sending mass emails is not a new concept for the ethical hacking community. Mass Email Attack Kali Tutorial : Kali Linux SET Tutorial
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |