Website Cloning with SE Toolkit

Posted by on May 12, 2019 at 11:50 pm.

What is Website Cloning and SE Toolkit?

Website cloning is the act of creating an exact copy of a website, which is usually done to find vulnerabilities and develop exploits on the cloned website. In this case, the clone acts as a fake website that receives input from users, such as login credentials.

The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test.

Who and Why Clones a Website?

As mentioned, the people who use website cloning are those trying to carry out a social engineering attack on their target to gain credentials or authorized access. These social engineers attack the weaknesses and vulnerabilities of a person, without the trouble of hacking the digital system.

Where and When to do Website Cloning?

Website cloning is one of many ways in social engineering to get a person's account credentials; it is usually involved when the attacker or hacker tries to obtain the target's account credentials. The target enters the credentials into the look-alike website, and they are actually transferred to the social engineer.

How to do Website Cloning (PRACTICE)

SE toolkit – To clone the official website and set the cloned website’s domain or IP

Scenario – We aim to get the credential of a login attempt on facebook.com

  1. As we want to do a social engineering attack, select option 1 of SET
  2. Type 2 for the website attack vector
  3. Enter the Credential Harvester attack method, then the Harvester's site cloner
  4. Enter the IP of your computer
  5. Enter the URL of the website that will be cloned. The SE Toolkit then waits for a browser connection to your IP address
  6. Open your browser and enter localhost or your IP address; the website you cloned will appear
  7. Try to log in to the cloned Facebook (no need to use real credentials); after you press Enter, the script will redirect to the real Facebook
  8. Check the toolkit and see that the login attempt has been captured, which can be seen in plain text

Conclusion and Solution

As discussed above, website cloning is commonly used to create a fake website that receives input from users, such as login credentials. With the SE Toolkit, this part of social engineering can be done easily without building an actual web page.

To avoid a cloned-website attack, account owners who are about to log in to a website should double-check the domain or IP of the web page.
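
One way to automate the domain check recommended above, as an added example that is not part of the original post. The function name `check_login_url`, the finding labels and the sample URLs are constructed for illustration, and the checks go slightly beyond the text by also flagging plain HTTP, userinfo tricks and punycode labels:

```python
import ipaddress
from urllib.parse import urlsplit

def check_login_url(url, expected_domain):
    """Return the reasons `url` should not be trusted as a login page for
    `expected_domain`; an empty list means every check passed."""
    findings = []
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")   # hostname is already lowercased
    expected = expected_domain.lower()

    if parts.scheme != "https":
        findings.append("not-https")
    if parts.username is not None:
        # In https://facebook.com@192.0.2.10/ the real host is 192.0.2.10
        findings.append("userinfo-in-url")
    try:
        ipaddress.ip_address(host)
        # A cloned page served straight from someone's machine, as in the lab
        findings.append("ip-literal-host")
        return findings
    except ValueError:
        pass  # not an IP address, so treat it as a DNS name
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode-label")       # possible look-alike characters
    # Accept only the expected domain itself or a true subdomain of it
    if host != expected and not host.endswith("." + expected):
        findings.append("domain-mismatch")
    return findings

# Constructed sample URLs (192.0.2.10 is a documentation-only address)
SAMPLES = [
    "https://www.facebook.com/login.php",
    "http://192.0.2.10/",
    "http://localhost/",
    "https://facebook.com@192.0.2.10/login.php",
    "https://facebook.com.login.example/",
    "https://xn--fcebook-2fg.example/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", check_login_url(sample, "facebook.com") or "ok")
```

The same logic can sit in a mail gateway or proxy rule that inspects links before a user reaches the login form.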
