Hacking tutorials

Phishing basics


The art of social engineering has a nice branch called "phishing": tricking someone into giving you confidential information via a web page by making them believe that the page is trustworthy and reliable. This article describes the basics of phishing by illustrating how you can create a simple but perfect phisher page.

How to break into a system with the Java Signed Applet


Metasploit Framework contains a very useful exploit that doesn't require any particular vulnerability on the victim's system, except for the user's naïvety: the Java Signed Applet exploit. Basically, it creates and hosts an evil page infected with a signed Java applet containing a Java Meterpreter payload (not recognized by many antivirus products): if the user accepts the applet, the attacker obtains full control over their system.

How to sniff all network traffic using HTTPS stripping


This is one of the most classic MITM attacks. It combines Sslstrip for stripping HTTPS traffic, Arpspoof for ARP poisoning the network and making others believe you're the AP, and a powerful sniffer (Ettercap, Wireshark, etc.) for sniffing and saving the traffic. You will have to analyze the results manually; however, this way you are able to sniff protocols that other scripts (like YAMAS) usually miss, and discover a greater amount of sensitive data (POP, FTP, IMAP).

YAMAS - Yet Another MITM Automation Script


There are lots of nice scripts out there for performing an automatic Man in the Middle attack, but only YAMAS can boast real-time parsing of the logs. It obtains a complete log of the sniffed traffic using a combination of Arpspoof (or Ettercap) for ARP poisoning the LAN and Sslstrip for stripping HTTPS URLs; then it analyzes the log in real time, showing a terminal window containing a list of the sniffed credentials and the sites they were sniffed from. If you're not familiar with the terms "ARP poisoning", "Man in the Middle" and "HTTPS stripping", read the general description of a MITM attack.

How to crack a Wi-Fi Network's WEP key

Introduction

It is known that the WEP algorithm, used by some Wi-Fi networks (fortunately fewer and fewer) to "protect" their traffic, is very weak: a WEP-protected network can be cracked in minutes. This is because of a number of flaws that make the network vulnerable to several attacks; today there are many tools that can automatically perform these attacks, and BackTrack contains them all, including a nice GUI called Gerix Wifi Cracker that makes them easier. This guide explains how to use that GUI to crack a WEP password, with a bit of theory to understand the whole thing. If you wish to learn how to perform these attacks via the CLI (Command Line Interface) or to master the technique, click on the names of the attacks in the next section of this article, and you'll be redirected to the page dedicated to that attack on Aircrack-ng.org.