Phishing Attack using Kali Linux: Hack Passwords, Username

Phishing Attack using Kali Linux
Hacking Computers

Phishing Attack using Kali Linux

Other Kali Linux Tutorials:

  • How to install Kali Linux
  • Hack WIFI using Kali Linux

    Sometimes, it may take weeks or months to crack a password. Most of the time you would give up in such a situation but what if you get password in plain text.

No, this is not about dreams but if you are even a small bit innovative, you could get password via Phishing attack. What is Phishing?

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

You may have seen people Fishing in a lake. They lure fishes using their meal(something delicious to fishes) and if they are real silly which most of them are, they are caught in traps or hooks. Now consider People in place of Fishes.

Yeah, you got it right. Hacker lures the targets to open a link of specially crafted web pages and once they click it considering them authenticated services, fill their details, the details are passed to Hackers instead.

Now, one of the best Hacking Operating System(Kali Linux) has some tools which might be of your interest.

Phishing Attack using Kali Linux :

System Used:

  1. Attacker machine having Kali Linux 1.6 (Any version of Kali linux would be good.)
  2. Target Machine(Any)

Network Used:

Both machines are in LAN.

(Note: This attack works in WAN too. Just type your external IP in place of your internal ip. Make sure port forwarding is activated for WAN attack.)



Step 1. Open the terminal in Kali Linux. Type ifconfig . This is needed to know your local IP Address. You can use your external ip if you want to use this attack in WAN(INTERNET). Just type My ip in google to know your external ip.

Phishing Attack using Kali Linux
Phishing Attack using Kali Linux

So, Attacker’s ip is


Step 2. Type setoolkit.[ If you are opening for first time, press y to agree the terms of service.]

Choose option 1 i.e. Social –Engineering Attack.

Phishing Attack using Kali Linux
Phishing Attack using Kali Linux

Step 3. In next screen, choose 2nd option i.e. Website Attack Vector.

After that, choose 3rd option i.e. Credential Harvester Attack Method.

Now choose 2nd option i.e. Site Cloner Method.

Phishing Attack using Kali Linux
Phishing Attack using Kali Linux

Step 4. Now, put the IP Address of the attacker machine for POST back i.e.

Next option would be to enter a url to clone. Enter any website login url you like. I chose

This tool would copy all the appropriate files from that real website. Then it would make a replica of required website and serve it via the Attacker’s machine i.e. Attacker machine would act as a Server.

Press y i.e. Yes to start Apache web server.

Phishing Attack using Kali Linux
Phishing Attack using Kali Linux


Now comes the exploitation part. Send the link i.e. ip of Attacker machine to target machine. You could use your innovative mind to lure the victim into opening the link. You could use URL Obfuscation tools to make the link attractive/authenticative.

Once the victim opens the link. He would be prompted to enter his credentials in the webpage. Once he types in, You would get the credentials onscreen in your Kali Linux Machine.

Phishing Attack using Kali Linux
Phishing Attack using Kali Linux

Kali Linux:

Phishing Attack using Kali Linux
Phishing Attack using Kali Linux

Easy Enough! Got Problems, You are free to comment below.

Related Post

How to change Facebook username Again How to change Facebook username Again Facebook is the best social networking website with more than a Billion users. There may be a lot of usernames ...
Download Ophcrack Password Cracker for Free Ophcrack is a free windows based password cracker. This cracker is based on Rainbow tables and can crack LM and NTLM hashes. Download Ophcrack Pas...
Hack WiFi Passwords: 5 WiFi Hacker App for Android In this post we will discuss some of the best free WiFi Hacker App available for Android devices. Most of these apps are capable of cracking  wep, wpa...
Download NetStumbler WiFi hacking Software Download NetStumbler WiFi hacking Software: Netstubbler is used to crack Wifi networks by getting inside information of a network. Netstumbler is used...
Download Superscan Intrusion Detection Tool for Fr... Superscan is a free port scanner compatible with Windows operating system. This is also the only port scanner with closed-source. Superscan contains f...
Download Nmap Intrusion Detection Tool for Free Nmap is a port scanner that maps the network and analyze the data packets. It works as a security tool for systems connected to external networks. Nma...
Download Brutus Password Cracker for Free Brutus is one of the most popular and one of the fastest remote online password cracking tools. . This tool is free to use and is only available for W...
Download OpenSSH Encryption Tool for Free OpenSSH is a tool that can encrypt insecure internet connections. It works on Secure SSH connection and can prevent users from eavesdropping, connecti...


  1. I try to put my external ip adress and did everything. I opened ports 8080 and 4444 also. Then i make my external ip a link with tiny url. And sent it. But when i try to click this link it wants password and username and it just accept the username:admin passwd:admin. After, it takes me to tp-link. Please help. I try to find solution to that more than 1 week.