Create phishing page of 29 websites in minutes.

Introduction

Phishing attack is going all time high on internet. Most of the hackers work on these phishing pages to find out your credentials. These type of attacks are done by just sending links and provoking victim to click on the link. The main intention of this attack to steal the username & passwords, bank credentials and, other confidential information. A recent expose of phishing attack on AirBNB was demonstrated by ethical hacking researcher of International institute of Cyber Security.

Today we will show you on how to create phishing page of 29 different websites in minutes. Zphisher is a tool that can be used to create phishing pages and send to the the victim to steal the confidential information.

Environment

  • OS: Kali Linux 2019.3 64 bit
  • Kernel-Version: 5.2.0

Installation

root@kali:/home/iicybersecurity# git clone https://github.com/htr-tech/zphisher
 Cloning into 'zphisher'...
 remote: Enumerating objects: 39, done.
 remote: Counting objects: 100% (39/39), done.
 remote: Compressing objects: 100% (38/38), done.
 remote: Total 873 (delta 17), reused 2 (delta 0), pack-reused 834
 Receiving objects: 100% (873/873), 9.69 MiB | 1.28 MiB/s, done.
 Resolving deltas: 100% (346/346), done. 
  • Use the cd command to enter into zphisher directory
    • cd zphisher
 root@kali:/home/iicybersecurity# cd zphisher/
 root@kali:/home/iicybersecurity/zphisher# 
  • Next, use command to change the access mode
    • chmod +x zphisher.sh
root@kali:/home/iicybersecurity# chmod +x zphisher.sh 
root@kali:/home/iicybersecurity# 
  • Now, use the command to lunch the tool
    • bash zphisher.sh
Zphisher
Zphisher
  • Here, we see 29 phishing modules, let’s use top four module.

Google

  • Choose option 3 for Google and then select 2.
  • While creating this page, we will select LocalHost option to host page on our local machine for testing purpose.
  • We will also show on how this page can be created to be shared with victim on internet using reverse proxy. This will be done in next phishing pages.
 Google Phishing Link
Google Phishing Link
  • Now, we got the phishing link and we can test this link on our machine.
  • When we open this on our machine, it will ask to enter credentials and the page will be similar to the original Gmail login.
Phishing page
Phishing page
  • We can see on how phishing page captured credentials.
Victim credentials
  • Here, we see victim’s login credentials.

Instagram

  • Choose option 2 for Instagram
  • Now select the reverse proxy to be used for capturing credentials back to your hacking machine. We will use ngrok.io
Instagram Phishing Link
Instagram Phishing Link
  • Now, we got the phishing link and we an send this phishing link to the victim on internet via email or some messenger.
 Phishing Page
Phishing Page
  • We can see on how phishing page captured victim’s login credentials.
 Victim's  credentials
Victim’s credentials

Netflix

  • Now choose option 5, Netflix and select an option for traffic capturing.
 Netflix Phishing Link
Netflix Phishing Link
  • Now, we got the phishing link and send this phishing link to the victim.
 Netflix Phishing Page
Netflix Phishing Page
  • We see Netflix phishing page on this way
 Victim's credentials
Victim’s credentials
  • Here we got the login details of the victim.

Paypal

  • Choose option 6, Paypal and select an option for traffic capturing.
 Paypal  Phishing Link
Paypal Phishing Link
  • Now, we got the phishing link and send this phishing link to the victim.
 Paypal phishing page
Paypal phishing page
  • We see paypal phishing page on this way
 Victim's credentials
Victim’s credentials
  • Here we got the login details of the victim

Conclusion

In this way an attackers can steal our login credentials and other confidential information. We have be more secure while clicking on any links.