CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/post/windows/gather/phish_windows_credentials.md
Views: 1904
Vulnerable Application
This module is able to perform a phishing attack on the target by popping up a login prompt. When the user fills credentials in the login prompt, the credentials will be sent to the attacker. The module is able to monitor for new processes and popup a login prompt when a specific process is starting. Tested on Windows 7.
Verification Steps
Start msfconsole
Get meterpreter session
Do:
use post/windows/gather/phish_windows_credentials
Do:
set SESSION <session id>
Do:
run
Options
DESCRIPTION
Message shown in the login prompt.
PROCESS
Prompt if a specific process is started by the target. (e.g. calc.exe
or specify * for all processes.)
SESSION
The session to run this module on.