1
00:00:02,060 --> 00:00:08,300
Now let's have a look on a social engineering slogan that'll allow us to steal usernames and passwords

2
00:00:08,600 --> 00:00:10,430
for accounts.

3
00:00:10,460 --> 00:00:16,520
So basically the way this works is it tells them the screen and it'll tell the person that you got logged

4
00:00:16,520 --> 00:00:17,600
out of your session.

5
00:00:17,690 --> 00:00:22,010
So please log in to your account again so you can get authenticated.

6
00:00:22,130 --> 00:00:24,970
So this will allow us to bypass CCTV as haters.

7
00:00:25,010 --> 00:00:25,710
Yes.

8
00:00:25,830 --> 00:00:31,850
All of the security that's used by the target account page for example if you're trying to get username

9
00:00:31,850 --> 00:00:37,940
and password for Facebook then you'll be able to bypass all the security that Facebook uses because

10
00:00:37,960 --> 00:00:42,050
you're what you're doing is you're actually just showing a fake Facebook page.

11
00:00:42,110 --> 00:00:46,590
So the user will never actually get in contact with Facebook.

12
00:00:46,620 --> 00:00:53,850
So let's just click on this and you'll see that you can click from here you can click what account that

13
00:00:53,850 --> 00:00:55,090
you want to hijack.

14
00:00:55,410 --> 00:01:02,120
So let's say we're going with Facebook and you can select what the backlash what we saw just even that

15
00:01:02,210 --> 00:01:03,080
as great.

16
00:01:03,390 --> 00:01:08,430
And we're going to execute this and we go when we go to our target.

17
00:01:08,550 --> 00:01:12,220
You'll see that they're being told that they got logged out of their session.

18
00:01:12,360 --> 00:01:14,870
So please log in with your username password.

19
00:01:15,060 --> 00:01:21,310
So I'm going to put my username as as then I'm going to put my password as one two three four five six

20
00:01:23,280 --> 00:01:25,900
10.

21
00:01:26,010 --> 00:01:27,180
If we go back here

22
00:01:29,960 --> 00:01:36,610
you'll see that we got our username was 8 and the password was 1 2 3 4 5 6.

23
00:01:36,740 --> 00:01:39,980
So you can use this to hijack a number of accounts for example.

24
00:01:39,980 --> 00:01:41,840
And let's just have another example.

25
00:01:41,840 --> 00:01:47,360
If we go with you to again you give it an execute comeback.

26
00:01:47,510 --> 00:01:56,460
You see the YouTube logo and you can try to log in a username password sign in and that'll be captured.

27
00:01:56,870 --> 00:02:04,190
So again this is a really good way of gain access to accounts because even if the user is not planning

28
00:02:04,190 --> 00:02:08,900
on logging into the account that you're trying to steal then you'll kind of force them to enter their

29
00:02:08,900 --> 00:02:13,170
username and password to get to be logged back into their account.

30
00:02:13,310 --> 00:02:16,000
And then you'll be able to capture the username and password.