Статья SocialFish фишинговая атака с помощью Ngrok
Приветствую Друзей,Уважаемых Форумчан и Гоcтей форума.
Сегодня мы рассмотрим и поговорим о ещё одном способе метода фишинговой атаки.
Основана она на злоупотреблении сервисом Ngrok.
Как известно,сервис позволяет осуществить проброс локального вашего веб-сервиса.
Задуман он для того,чтобы разработчики смогли поделиться между собой
какими-то работами,посмотреть их,продемонстрировать c любой точки планеты.
А мы,в свою очередь,будем говорить о том ,как можно атаковать,используя
ту лёгкость ,с которой позволяет Ngrok в глобальной сети увидеть вашу фишинговую страницу.
SocialFish — тот инструмент,который входит в число недавних новинок.
Он-то и поможет нам разработать атаку.
Автор обзора и Администрация ресурса предупреждают о запрете использования SocialFish.
Все материалы приведены исключительно для ознакомления и изучения проблем безопасности.
Работает этот инструмент только с LInux
Испытания были успешно проведены на следующих дистрибутивах:
Kali Linux — Rolling Edition
Linux Mint — 18.3 Sylvia
Ubuntu — 16.04.3 LTS
В пакеты с зависимостями входит:
Python 2.7
Wget from Python
PHP
sudo
У меня он ,к слову,запускался и через python,и через python2
Для начала установим инструмент:
При первом запуске докачивается сам Ngrok,создаются директории Server И www.
Возможно ,некоторым из вас придётся после зайти в директорию Server
для того,чтобы сделать ngrok исполняемым (sudo chmod +x ngrok).
В директории www будут лежать заготовки страниц html,php.
Всё это добро находится в родительской директории SocialFish.
Я не стал изворачиваться,пытаться видоизменить ссылку,разыгрывать сложные комбинации с редиректами.
Запустил атаку с атакующей машины Kali Linux,с проброшенными туннелями tor и находящейся за NAT.
По ссылке я перешёл с машины жертвы Windows.
Конечно здесь ,речи о срабатывании антивирусов маловероятно.
Да,это всё заслуга Ngrok,и обход защитных систем в данном случае основан на выполнении удалённой атаки,
с привлечением стороны доверенного хостинга.
Проверка ссылки даёт вполне вменяемые результаты:
И если вы обратите внимание на фишинговую страницу,то увидите,что соединение по https протоколу.
Всё безопасно,всё здорово,причём обращение идёт по вашей ссылке на вашу фишинговую страницу авторизации.
У меня Firefox с использованием тонких настроек,поэтому вы видите,что он единственный,кто подаёт такой тревожный звоночек:
значком показано,что соединение небезопасно или слабое (зелёный цвет отсутствует).
У многих и в этом месте будет так , будто всё отлично,особенно у тех,кто не читает codeby)).
При попытке жертвы что-то ввести в окна авторизации,нам мгновенно прилетают данные
Инструмент,как я понял,ещё будет дорабатываться.
Не знаю,но почему-то сгенерировать ссылки кроме google и github,не получилось.
С первого раза ,возможно, также не выйдет задуманное.
Может это связано с тем,что на Ngrok некоторые сервисы платные,а доступные имеют ограничения.
Как можем,убедиться,такой способ из метода фишинга работает,у меня на этом всё,будьте пожалуйста внимательными.
Будьте этичными,осторожными,спасибо что вы с нами.Всего вам доброго,до новых встреч и благодарю за просмотр.
Источник
Фишинг кали линукс гитхаб
Follow on Social Media Platforms
Want to Learn to Create Professional Phishing Page, Ethical Hacking, Bug Bounty visit — https://secnhack.in
Join Our Whastapp Group For Any Queries and Learn Hacking
- https://chat.whatsapp.com/J6FCipjBwg76UGI7Px2oae — If its Full
- https://chat.whatsapp.com/LFDAwmHkYDe1XI18AiKbLS — If its Full
- https://chat.whatsapp.com/IPc4q8uifaQDoqSxJrguW1 — If its Full
- https://chat.whatsapp.com/HbPQoqTRLyV15GdBF4B5iw — If its Full
- https://chat.whatsapp.com/KoZJRTzSVmY7IwpmsLxDTm — If its Full
- https://chat.whatsapp.com/FVI56kzsnkI7RaAOIH2E1S — If its Full
- https://chat.whatsapp.com/Ge1rgCfkmR91cYuNkfmEdm — If its Full
- https://chat.whatsapp.com/HzbioqQ5XXH10YoJkYwl6V — If its Full
- https://chat.whatsapp.com/HSRHmvNLwNd5wtz12jw4Gl — If its Full
When victim enter his credentials, you need to go to original website and use those credentials to send real OTP to victim. Once he enter that OTP such OTP will also be there with you and you will be allowed to login the account before him.
WHAT’s New In AdvPhishing 2.2 Release
Through This Features You can Obtains the Credentails on Your Gmail Account or Send to Someone Else.
- Sender : Open config.php File Through nano or your favorite tool and enter name, your email id, your password.
- Receiver : Which you want to send the Credentials.
- Open your emial ID that you mentioned in sende, go security options, scroll down and trun on less secure setting. That’s IT 🙂 !!
Results You Can See Here 🙂 !!
INSTALLATION [ TERMUX APP —ANDROID ]
- git clone https://github.com/Ignitetch/AdvPhishing.git
- cd AdvPhishing/
- chmod 777 *
- ./Android-Setup.sh
- ./AdvPhishing.sh
- git clone https://github.com/Ignitetch/AdvPhishing.git
- cd AdvPhishing/
- chmod 777 *
- ./Linux-Setup.sh
- ./AdvPhishing.sh
AVAILABLE TUNNELLING OPTIONS
TESTED ON FOLLOWING:-
- Kali Linux — 2020.1a (version)
- Parrot OS — Rolling Edition (version)
- Ubuntu — 18.04 (version)
- Arch Linux
- Termux App
- sudo — [ MUST ]
- php
- apache2
- ngrok Token
Contact For Contribute & Issues
The use of the Adv-Phishing is COMPLETE RESPONSIBILITY of the END-USER. Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program.
About
This is Advance Phishing Tool ! OTP PHISHING
Источник
SocialFish V3 — Next Genaration Phishing Toolkit | Kali Linux
Phishing is to easiest method to get anyone’s social media password. We have learned many ways to do phishing in some previous tutorial like :-
We need to install requirements to run SocialFish in Kali Linux. To install requirements we use following command :
This command will install necessary tools to run SocialFish, this may take a little bit time depending on internet connection. The screenshot of the command is following:
Now we can crate a web interface that will help us to manage our phishing attacks, but we need to configure SocialFish by pick a username and password to login the web interface. We use following command to set a username and password:-
We can choose our username and password in above command.
Then SocialFish will finish it’s settings and we should be able to access the web interface by navigating to the URL http://0.0.0.0:5000/neptune in our browser. The screenshot is following:
We can see the login page here we type our username and password that we just set up, and then we click on «Login» to access the SocialFish portal.
Inside the SocialFish web interface, we can see many features and important information.
At the top we can see the field where we can put website for clone, and the website link redirection, and the URL for our attack. For our demonstration we choose twitter.com/login as target and twitter.com will be the redirecting link. If they already logged in, our phishing attack will look like a normal successful login process. After entering both links we need to click the lightning bolt to active the link as shown in the following screenshot.
Now we will open a separate browser window and open the attack link that is http://0.0.0.0:5000
This Attack link will work for LAN devices. That means this link only work for same network devices. WE can forward it globally via SSH. To know more read our Easy port forwarding using SSH tutorial. We can use Social engineering technique to increase the chance of clicking by target. To know more about social engineering ideas read our Social Engineering tutorial.
SocialFish version 3 is very advanced and simple phishing toolkit. We can edit custom pages even we can include beef-framework browser exploitation attack with phishing page, and much more capabilities comes with SocialFish v3.
If any error comes running SocialFish then try command:
instead of sudo pip install -r requirements.txt then run the SocialFish.
SocialFish is developing a mobile based interface to run SocialFish on smartphones. That will make this tool more handy.
How much enjoyed SocialFish v3 tutorial? Please leave valuable comments below or if you have any questions?
You may like these posts
Comments
Getting error: No module named ‘flask’ while setting up user credentials
please try this command:
pip3 install flask
Failed building wheel for PyLaTeX
Failed building wheel for python-nmap
Failed building wheel for Flask-Login
Failed building wheel for nmap
Failed building wheel for ordered-set
Failed building wheel for yamlreader
Failed building wheel for xkcdpass
Failed building wheel for gnupg
Failed building wheel for filelock
Failed building wheel for PyYAML
Failed building wheel for PrettyTable
Failed building wheel for psutil
Failed building wheel for distlib
Failed building wheel for pyperclip
Failed building wheel for subprocess32
Failed building wheel for scandir
hi Kushal, are you using Kali ? If yes then try to uninstall SocialFish and try again.
sir the page not open after put username and pasword
error . no module name nmap
This error comes because python-nmap is not installed. So install it by using:
sudo pip3 install python-nmap
no module name nmap
Use following command to install python-nmap:
sudo pip3 install python-nmap
Need qrcode. help
login in SocialFish web interface.. the qrcode will be there
bash: pip: command not found
error is coming please help
its done sorry to bother you.
Traceback (most recent call last):
File «/root/SocialFish/SocialFish.py», line 3, in
from flask import Flask, request, render_template, jsonify, redirect, g, flash
File «/usr/local/lib/python3.9/site-packages/flask/__init__.py», line 21, in
from .app import Flask, Request, Response
File «/usr/local/lib/python3.9/site-packages/flask/app.py», line 36, in
from .sessions import SecureCookieSessionInterface
File «/usr/local/lib/python3.9/site-packages/flask/sessions.py», line 14, in
from collections import MutableMapping
ImportError: cannot import name ‘MutableMapping’ from ‘collections’ (/usr/local/lib/python3.9/collections/__init__.py)
I also get this type error. Running command
sudo pip3 install -r requirements.txt
sudo pip install -r requirements.txt
solved this problem for me
oot@kali:/home/kali/Downloads/SocialFish-sharkNet# python3 SocialFish.py
. _____. ____ ____ ____ _ ____ _ ____ _ ____ _ _
/ \/| [__ | | | | |__| | |___ | [__ |__|
\o__ /\| ___] |__| |___ | | | |___ | | ___] | |
\|
[!] Network error. Verify your connection.
How to resolve it plz tell me
Your connection should be very slow at that time, could you test again now?
If doesn’t work, try to comment this lines:
if connected() == False: print »’ . _____. ____ ____ ____ _ ____ _ ____ _ ____ _ _ / \/| [__ | | | | |__| | |___ | [__ |__| \o__ /\| ___] |__| |___ | | | |___ | | ___] | | \| <0>[<1>!<0>] <1>Network error. Verify your connection.\n »’.format(RED, END) exit(0)
Preparing environment. 100%
[*] Searching for PHP installation.
/usr/bin/php
—> OK.
[!] Do you agree to use this tool for educational purposes only? (y/n)
SF-An0nUD4Y >
No web portal link is coming, ive tried multiple times, please help someone
[*] iCloud module loaded. Building site.
Insert a custom redirect url:
Please select any available server:
[1] Ngrok
[2] Serveo
After entering 1 for ngrok, noting is coming up. all blank
It happens on some system. Try to re-install and try. Otherwise tr it on different system.
after put username and pasword in web page and log in then blank page open only wite bad
Can you please provide us what command you exactly put to start the SocialFish web interface?
I have tried everything
pip3 install requirements.tx and it didn’t work.
I run python3 SocialFish.py and it only tells me to log in to enter the web, but I want to use the program’s environment.
I have updated kali linux 2021.1
python SocialFish.py
Traceback (most recent call last):
File «SocialFish.py», line 3, in
from flask import Flask, request, render_template, jsonify, redirect, g, flash
ImportError: No module named flask
You have not installed flask. Install it by using following command:
pip3 install flask
I have python 2.7.18 and python 3.9.2
in github it says requirements python 3.6
I have not managed in any way to use this program
I have all the dependencies installed and I am a root user
pip3 install -r requirements.txt 1 ⨯
Requirement already satisfied: requests==2.20.0 in /usr/local/lib/python3.9/dist-packages (from -r requirements.txt (line 1)) (2.20.0)
Requirement already satisfied: PyLaTeX==1.3.0 in /usr/local/lib/python3.9/dist-packages (from -r requirements.txt (line 2)) (1.3.0)
Requirement already satisfied: python-nmap in /usr/local/lib/python3.9/dist-packages (from -r requirements.txt (line 3)) (0.6.4)
Requirement already satisfied: qrcode==6.1 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 4)) (6.1)
Requirement already satisfied: Flask==1.0.2 in /usr/local/lib/python3.9/dist-packages (from -r requirements.txt (line 5)) (1.0.2)
Requirement already satisfied: colorama==0.4.1 in /usr/local/lib/python3.9/dist-packages (from -r requirements.txt (line 6)) (0.4.1)
Requirement already satisfied: Flask_Login==0.4.1 in /usr/local/lib/python3.9/dist-packages (from -r requirements.txt (line 7)) (0.4.1)
Requirement already satisfied: nmap==0.0.1 in /usr/local/lib/python3.9/dist-packages (from -r requirements.txt (line 8)) (0.0.1)
Requirement already satisfied: python-secrets in /usr/local/lib/python3.9/dist-packages (from -r requirements.txt (line 9)) (21.2.0)
Requirement already satisfied: itsdangerous>=0.24 in /usr/lib/python3/dist-packages (from Flask==1.0.2->-r requirements.txt (line 5)) (1.1.0)
Requirement already satisfied: click>=5.1 in /usr/lib/python3/dist-packages (from Flask==1.0.2->-r requirements.txt (line 5)) (7.1.2)
Requirement already satisfied: Werkzeug>=0.14 in /usr/lib/python3/dist-packages (from Flask==1.0.2->-r requirements.txt (line 5)) (1.0.1)
Requirement already satisfied: Jinja2>=2.10 in /usr/lib/python3/dist-packages (from Flask==1.0.2->-r requirements.txt (line 5)) (2.11.3)
Requirement already satisfied: ordered-set in /usr/local/lib/python3.9/dist-packages (from PyLaTeX==1.3.0->-r requirements.txt (line 2)) (4.0.2)
Requirement already satisfied: certifi>=2017.4.17 in /usr/lib/python3/dist-packages (from requests==2.20.0->-r requirements.txt (line 1)) (2020.6.20)
Requirement already satisfied: urllib3 =1.21.1 in /usr/local/lib/python3.9/dist-packages (from requests==2.20.0->-r requirements.txt (line 1)) (1.24.3)
Requirement already satisfied: chardet =3.0.2 in /usr/local/lib/python3.9/dist-packages (from requests==2.20.0->-r requirements.txt (line 1)) (3.0.4)
Requirement already satisfied: idna =2.5 in /usr/local/lib/python3.9/dist-packages (from requests==2.20.0->-r requirements.txt (line 1)) (2.7)
Requirement already satisfied: psutil in /usr/local/lib/python3.9/dist-packages (from python-secrets->-r requirements.txt (line 9)) (5.8.0)
Requirement already satisfied: yamlreader in /usr/local/lib/python3.9/dist-packages (from python-secrets->-r requirements.txt (line 9)) (3.0.4)
Requirement already satisfied: gnupg in /usr/local/lib/python3.9/dist-packages (from python-secrets->-r requirements.txt (line 9)) (2.3.1)
Requirement already satisfied: numpy in /usr/lib/python3/dist-packages (from python-secrets->-r requirements.txt (line 9)) (1.19.5)
This is not an error you have already installed these modules. That’s why this occurs.
Источник
