Windows Gather User Credentials (phishing)
This module is able to perform a phishing attack on the target by popping up a loginprompt. When the user fills credentials in the loginprompt, the credentials will be sent to the attacker. The module is able to monitor for new processes and popup a loginprompt when a specific process is starting. Tested on Windows 7.
- Wesley Neelen <security [at] forsec.nl>
- Matt Nelson
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use post/windows/gather/phish_windows_credentials msf post(phish_windows_credentials) > sessions ...sessions... msf post(phish_windows_credentials) > set SESSION <session-id> msf post(phish_windows_credentials) > show options ...show and set options... msf post(phish_windows_credentials) > run