1 00:00:02,060 --> 00:00:08,300 Now let's have a look on a social engineering slogan that'll allow us to steal usernames and passwords 2 00:00:08,600 --> 00:00:10,430 for accounts. 3 00:00:10,460 --> 00:00:16,520 So basically the way this works is it tells them the screen and it'll tell the person that you got logged 4 00:00:16,520 --> 00:00:17,600 out of your session. 5 00:00:17,690 --> 00:00:22,010 So please log in to your account again so you can get authenticated. 6 00:00:22,130 --> 00:00:24,970 So this will allow us to bypass CCTV as haters. 7 00:00:25,010 --> 00:00:25,710 Yes. 8 00:00:25,830 --> 00:00:31,850 All of the security that's used by the target account page for example if you're trying to get username 9 00:00:31,850 --> 00:00:37,940 and password for Facebook then you'll be able to bypass all the security that Facebook uses because 10 00:00:37,960 --> 00:00:42,050 you're what you're doing is you're actually just showing a fake Facebook page. 11 00:00:42,110 --> 00:00:46,590 So the user will never actually get in contact with Facebook. 12 00:00:46,620 --> 00:00:53,850 So let's just click on this and you'll see that you can click from here you can click what account that 13 00:00:53,850 --> 00:00:55,090 you want to hijack. 14 00:00:55,410 --> 00:01:02,120 So let's say we're going with Facebook and you can select what the backlash what we saw just even that 15 00:01:02,210 --> 00:01:03,080 as great. 16 00:01:03,390 --> 00:01:08,430 And we're going to execute this and we go when we go to our target. 17 00:01:08,550 --> 00:01:12,220 You'll see that they're being told that they got logged out of their session. 18 00:01:12,360 --> 00:01:14,870 So please log in with your username password. 19 00:01:15,060 --> 00:01:21,310 So I'm going to put my username as as then I'm going to put my password as one two three four five six 20 00:01:23,280 --> 00:01:25,900 10. 21 00:01:26,010 --> 00:01:27,180 If we go back here 22 00:01:29,960 --> 00:01:36,610 you'll see that we got our username was 8 and the password was 1 2 3 4 5 6. 23 00:01:36,740 --> 00:01:39,980 So you can use this to hijack a number of accounts for example. 24 00:01:39,980 --> 00:01:41,840 And let's just have another example. 25 00:01:41,840 --> 00:01:47,360 If we go with you to again you give it an execute comeback. 26 00:01:47,510 --> 00:01:56,460 You see the YouTube logo and you can try to log in a username password sign in and that'll be captured. 27 00:01:56,870 --> 00:02:04,190 So again this is a really good way of gain access to accounts because even if the user is not planning 28 00:02:04,190 --> 00:02:08,900 on logging into the account that you're trying to steal then you'll kind of force them to enter their 29 00:02:08,900 --> 00:02:13,170 username and password to get to be logged back into their account. 30 00:02:13,310 --> 00:02:16,000 And then you'll be able to capture the username and password.