1 00:00:03,110 --> 00:00:03,970 Welcome back, class. 2 00:00:04,010 --> 00:00:09,290 We wanted to add one more bonus video just to show you another site being cloned. 3 00:00:09,530 --> 00:00:14,690 Sometimes you'll have trouble with the first site you try and a Web sites are updating all the time. 4 00:00:14,690 --> 00:00:17,690 In fact, some people will have trouble with Facebook from time to time. 5 00:00:18,080 --> 00:00:23,210 So I'm going to show how to clone the Twitter log in page so that we've got a little bit of variety 6 00:00:23,210 --> 00:00:23,420 here. 7 00:00:23,420 --> 00:00:26,270 And so you can see another Web site that you might want to try. 8 00:00:26,600 --> 00:00:29,630 But the important thing with set is to just keep trying. 9 00:00:29,630 --> 00:00:33,140 If a Web site is made, it really difficult to clone. 10 00:00:33,170 --> 00:00:38,810 You can try that critic troll harvester with a page that you create yourself or you can just find another 11 00:00:39,170 --> 00:00:40,850 Web site that works a little better. 12 00:00:41,480 --> 00:00:45,410 So I want to go out to Twitter dot com slash log in. 13 00:00:46,940 --> 00:00:51,110 And remember, we need to find a page where we got the log in right here, built in. 14 00:00:51,800 --> 00:00:56,660 I've got the dark settings set on my Firefox, so it looks a little bit different, but that's OK. 15 00:00:57,740 --> 00:01:03,770 We want to get a full log in page so that we've got a path to something that has a username and password 16 00:01:03,770 --> 00:01:04,640 on the same page. 17 00:01:05,000 --> 00:01:10,470 So I'm actually going to copy that so that I can bring it over into my social engineers tool kit. 18 00:01:11,670 --> 00:01:14,320 And I'll scroll down to 13. 19 00:01:15,360 --> 00:01:16,140 Set. 20 00:01:17,710 --> 00:01:18,820 We'll have dinner, my password. 21 00:01:18,910 --> 00:01:19,300 Okay. 22 00:01:19,570 --> 00:01:19,870 I. 23 00:01:22,650 --> 00:01:24,970 And I'm going to agree to the terms, yes. 24 00:01:25,280 --> 00:01:26,700 We'll only use this for good. 25 00:01:27,480 --> 00:01:31,710 And I'll increase the font size just a little bit so you can see that better. 26 00:01:33,030 --> 00:01:40,470 So we're going to do a social engineering attack, one Web site attack to a credential harvester because 27 00:01:40,470 --> 00:01:44,910 we want to get usernames, passwords, three and then two for the site cloner. 28 00:01:46,380 --> 00:01:49,380 And the IP address for clinics is prefilled in there. 29 00:01:49,440 --> 00:01:52,440 It's turned out Odah nine, that's seven this time that we're running Kalli. 30 00:01:53,520 --> 00:02:02,250 And now I'm going to enter the you are old clone now control shift v, my htp s Twitter dot com slash 31 00:02:02,250 --> 00:02:03,270 log in page. 32 00:02:05,440 --> 00:02:07,180 And where it looks like we're up and running. 33 00:02:07,210 --> 00:02:11,290 So we'll come back over here and now we'll run local host. 34 00:02:15,290 --> 00:02:17,840 And local hosts should have a log in page. 35 00:02:17,870 --> 00:02:18,590 There we go. 36 00:02:19,160 --> 00:02:20,120 And if I try. 37 00:02:22,610 --> 00:02:23,450 Fred Flintstone 38 00:02:26,300 --> 00:02:27,680 with the password of Wilma. 39 00:02:30,830 --> 00:02:32,210 And press log in. 40 00:02:33,570 --> 00:02:39,820 Well, Fred entered as information, it looks like, but we may have to try to log into Twitter again, 41 00:02:40,930 --> 00:02:44,440 come back over here and we should see some information. 42 00:02:45,070 --> 00:02:45,470 Ha! 43 00:02:46,420 --> 00:02:47,680 Possible username. 44 00:02:47,830 --> 00:02:48,880 Fred Flintstone. 45 00:02:49,540 --> 00:02:51,690 Possible password field, Wilma. 46 00:02:52,840 --> 00:02:53,950 Very cool. 47 00:02:54,640 --> 00:02:54,900 All right. 48 00:02:54,910 --> 00:02:57,850 Well, I hope you've enjoyed learning about social engineering. 49 00:02:58,180 --> 00:03:04,330 Try a couple of different sites just so you can see and most importantly, educate your friends, educate 50 00:03:04,330 --> 00:03:10,900 your family, and educate your coworkers about how important it is to look for the signs of phishing 51 00:03:10,900 --> 00:03:18,070 emails, because if not, you may be entering your information into a Web server run by a black hat 52 00:03:18,130 --> 00:03:18,580 hacker. 53 00:03:18,880 --> 00:03:21,400 So I look forward to seeing you in the next lesson.