SMS Spoofing Attack

From Metasploit Unleashed
Jump to: navigation, search

Little hint here, this module is only the beginning to a whole new mobile attack platform for newer version of SET. The folks at TB-Security.com introduced the SMS spoofing module. This module will allow you to spoof your phone number and send an SMS. This would be beneficial in social-engineering attacks utilizing the Credential Harvester. More attacks to come on this. 

1.  Spear-Phishing Attack Vectors
2.  Website Attack Vectors
3.  Infectious Media Generator
4.  Create a Payload and Listener
5.  Mass Mailer Attack
6.  Teensy USB HID Attack Vector
7.  SMS Spoofing Attack Vector
8.  Third Party Modules
9.  Update the Metasploit Framework
10. Update the Social-Engineer Toolkit
11. Help, Credits, and About
12. Exit the Social-Engineer Toolkit

Enter your choice: 7

Welcome to the SET SMS Spoofing Attack method. This module allows you
to specially craft SMS messages and send them to a person. You can spoof
the SMS source.

This module was created by the team at TB-Security.com.

You can use a predefined template, create your own template or specify
an arbitrary message. The main method for this would be to get a user to
click or coax them on a link in their browser and steal credentials or perform
other attack vectors.

1. Perform a SMS Spoofing Attack
2. Create a Social-Engineering Template
3. Return to Main Menu

Enter your choice: 1

SMS Attack Menu

There are diferent attacks you can launch in the context of SMS spoofing,
select your own.

What do you want to do:

1. SMS Attack Single Phone Number
2. SMS Attack Mass SMS
3. Return to SMS Spoofing Menu

Enter your choice: 1

Single SMS Attack

Enter who you want to send sms to: 5555555555

Do you want to use a predefined template or craft
a one time SMS.

1. Pre-Defined Template
2. One-Time Use SMS
3. Cancel and return to SMS Spoofing Menu

Enter your choice: 1
Below is a list of available templates:

1: MRW: pedido no entregado
2: Boss Fake
3: Movistar: publicidad nokia gratis
4: Movistar: publicidad tarifa llamada
5: TMB: temps espera
6: Movistar: publicidad ROCKRIO
7: Movistar: publicidad verano internet
8: Vodafone Fool
9: Police Fake
10: Movistar: publicidad navidad
11: Yavoy: regalo yavoy
12: Movistar: oferta otoño
13: Movistar: publicidad tarifa sms
14: teabla: moviles gratis
15: Movistar: publicidad aramon
16: Movistar: publicidad nieve
17: Vodafone: publicidad nuevo contrato
18: ruralvia: confirmacion de transferencia
19: Ministerio vivienda: incidencia pago
20: Tu Banco: visa disponible en oficina

Enter the number you want to use: 2

Service Selection

There are diferent services you can use for the SMS spoofing, select
your own.

What do you want to do:

1. SohoOS (buggy)
2. Lleida.net (pay)
3. SMSGANG (pay)
4. Android Emulator (need to install Android Emulator)
5. Cancel and return to SMS Spoofing Menu

Enter your choice: 1

SMS sent


SET has completed.



Beyond Metasploit > Social-Engineering Toolkit (SET) > SMS Spoofing Attack

Getting Started | Menu Based Driving | Spear-Phishing Attack | Java Applet Attack | Metaspoit Browser Exploit | Credential Harvester Attack | Tabnabbing Attack | Man Left In The Middle Attack | Web Jacking Attack | Multi-Attack Web Vector | Infectious Media Generator | Teensy USB HID Attack | SMS Spoofing Attack | SET Automation | SET Web-Interface | SET Module Development | SET FAQ

Retrieved from "http://www.offensive-security.com/w/index.php?title=SMS_Spoofing_Attack&oldid=243"