Demo 2- Phishing Attack

By

What is Phishing Attack:

  • Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.
  • It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.
  • The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information.
  • To Perform this attack, here use a tool called "ShellPhish".

fig: fishing

fig: Phishing Attack

    ShellPhish:

  • Shellphish is a tool developed by "thelinuxchoice".
  • This tool is implemented in Shell Scripting.
  • This tool  has Instagram, Facebook, Twitter, Snapchat, Github, Yahoo, Protonmail, Google, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Pinterest +1 customizable and precloned phishing pages.
  • It is easy to use.
  • Disclaimer: Usage of Shellphish for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Practical:

1. Download Termux App from Playstore:

  • To use this tool we need a platform(Android OS or Linux OS).
  • We need an interface to intract with the tool. For Android "Termux"(click on the Termux to Install)is an interface. For Linux "Terminal"(inbuilt tool) is an interface.
  • Now open the termux app in Android.(same process in LinuxOS)


2. Installing all Necessary Packages:

  • Update the termux packages, by using following command.


$  apt update && apt upgrade -y



  • Now install all necessary packages, by using following command.
$  apt install git php curl wget openssh -y





3. Clone Shellphish Tool from Github:

  • Cloning the shellphish tool available in github, by using following command.

git clone https://github.com/thelinuxchoice/shellphish.git
4. Perform Phishing Attack:
  • While cloning the tool a directory(shellphish) is downloaded, Now goto shellphish directory, by following command.

$  cd shellphish
  • Now change the permission of the file(shellphish.sh) to executable. This can be done by using following command.

$  chmod +x shellphish.sh


  • Run the tool, by following command.

$  bash shellphish.sh

  • Now select the option from different login pages, here I am choosing option 1 Instagram login pages. After that choose the port forwarding option 1 or 2 as our wish. I am choosing option 2 Ngrok .
  • The php server and ngrok server will starts, Ngrok server will generates a link as show in the figure.
  • Now copy the link and send it to the victim. Whenever victim open the link and login into the page, then we get login credentials and some other details of victim as show in the below screenshot.

    How to Defend from Phishing Attacks:


    • Don't open the link from social media.
    • Make sure the domain name should be correct. Example( phishing page --> face1234book.com) ( original --> facebook.com).
    • If you got any link in social media, then check that link in Virustotal (Click on Virustotal to check the link).



    Thank You be Secure.


    I'm a Cyber Security professional with expertise in Network, Application, Endpoint, Cloud Security, DevOps, and IT Ops. I have experience in various industries and am well-versed in relevant regulations and standards. My goal is to provide exceptional security solutions that protect organizations from evolving threats, while also streamlining workflows and improving collaboration between development, operations, and security teams through DevOps and IT Ops practices.

    Comments

    Post a Comment

    Popular posts from this blog

    Demo 1- How to Track Location by a Link

    By
    Image
    ↑ GPS: GPS stands for Global Positioning System . The Global Positioning System, originally NAVSTAR GPS, is a satellite-based radionavigation system owned by the United States government and operated by the United States Air Force. It is a global navigation satellite system (GNSS) that provides geolocation and time information to a GPS receiver anywhere on or near the Earth where there is an unobstructed line of sight to four or more GPS satellites. Obstacles such as mountains and buildings block the relatively weak GPS signals. Locator v1.0: Locator is a tool developed by "thelinuxchoice".This tool is implemented in Shell Scripting. This tool is implemented in Shell Scripting. Geolocator, Ip Tracker, Device Info by URL (Serveo and Ngrok). It uses tinyurl to obfuscate the Serveo link. Disclaimer:  Usage of Locator for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable lo
    Read more

    Snyk - Ubuntu 20.04 (Linux)

    By
    Image
    In this article, we are going to learn about Snyk, features, and hands-on demo on how to install, usage and uninstall on Ubuntu 20.04(Linux).   Disclaimer:   The articles provided on HackWithV is purely for informational and educational purpose only, and for those who are willing and curious to know & learn about Cyber Security, Ethical Hacking,  Software Development and  IT Operations. Anytime the word "Hacking" that is used on this site shall be regarded as Ethical Hacking. Table of Content What is Snyk ?   Jump to Features   Jump to Hands-On   Jump to Requirements   Jump to Download   Jump to Install   Jump to Usage   Jump to Uninstall    Jump to Cheat Sheet    Jump to    What is Snyk ?  Snyk is a developer security platform for securing code , dependencies , containers , and infrastructure as code .  Integra
    Read more

    Cracking VNC Password Using Hydra

    By
    Image
    Today we are going learn how to crack the password of VNC service using Hydra Tool.  Disclaimer: The articles provided on HackWithV is purely for informational and educational purpose only, and for those who are willing and curious to know & learn about Ethical Hacking, Security and Penetration Testing. Anytime the word "Hacking" that is used on this site shall be regarded as Ethical Hacking. What is VNC? Virtual Network Computing ( VNC ) is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol ( RFB ) to remotely control another computer.  What is Hydra? Hydra is a parallelized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, i
    Read more