Every thing over the internet is secured by the passwords. You need a login to do any stuff on any social or banking website. Passwords are the first security measure for these type of websites. So, I brought a tutorial on how to hack such sort of login passwords. This tutorial is based on credential harvester attack method. In which you will know about hacking passwords using credential harvester attack method.

Hacking Passwords using Credential Harvester Attack


It’s very simple and easy to follow. Before you start, you need the following things to work with.

  1. Kali Linux OS
  2. Target Website

Steps to follow

  • Run the Kali Linux machine. If you have not kali linux installed, you can grab a free copy and install it as a virtual machine. You can learn more about kali linux virtualbox installation.
  • Sign in to Kali Linux by entering username root and password toor.
  • As you’ll sign in, navigate to the Applications > Social Engineering Tools > Social Engineering like shown in the following screenshot.
  • Now you will see the different options. You have to choose Social Engineering Attacks by simply entering it’s number in the terminal. Once you do it, it will show few options further. Simply choose Website Vector Attack by putting it’s number.
  • Website vector attack will show up it’s different type of attacks. We are going to use Credential Harvester Attack.
  • Choose the Site Clone option. As you do it, it will ask for your public IP address. Just open up a new terminal and type ifconfig. It’ll show the public IP. Just copy it and paste in the previous terminal as shown in following screenshots.
  • After we do it. Enter the target website of which passwords you want to hack. Make sure to use a website that have username and password on the same page.
  • All done now. As someone open up the browser on the public IP we specified, it’ll show up the website that we entered in the previous step. Now as someone enters their username or password, it will be captured in the terminal.

That’s all. If you’re not clear yet. You can watch the following complete video tutorial on how to do it.

Demonstration of Hacking Passwords using Credential Harvester Attack

This is a basic attack of hacking passwords using credential harvester attack on a single virtual machine. In the next tutorial, I will show how to make it look like an authentic website instead of our public IP.