Do you ever get an interesting content on the web and when you try to view it, you gotta sign in into your social account? If so, you should be cautious. In the year 2018 alone, U$ 315+ billion was lost due to hacking or its effects. The fun fact here is that 91% of hacking begins with phishing. So now with numbers and stats, you know how phishing is still in play and can do severe damage. So without any due, let’s study a new phishing tool today.
PhishX is a phishing tool which can perform a spear phishing attack to the victim. Spear phishing is a targeted phishing attack done on a specific individual. For this attack, some information about the target individual is needed first. PhishX is used to capture user’s credentials, the tool generates fake pages and adds target information to those pages. These pages are shared with the target user.
The page appears as a normal page to the user, but that page is meant to capture users information as the user enters its important data into those pages. PhishX created pages then come back to attackers computer for retrieval of information. The pages that can be cloned for spear phishing attack include websites like Facebook, Google, Twitter, Instagram, LinkedIn, Pinterest, Quora, and Steam. Except for LinkedIn, all available pages are supported for mobile version websites too. This is how PhishX works.
1) Installation
PhishX works with Kali Linux OS and Parrot Sec OS. Below are the commands for installing PhishX
Git clone https://github.com/WeebSec/PhishX.git
After cloning, install the tools and its requirements using the commands below
cd PhishX Chmod +x installation.sh Bash installer.sh
2) Running PhishX
Use the following command for running PhishX
python3 PhishX.py
The PhishX inteeface can be seen after entering the above commands which enables you to choose options for spear phishing. Check the image below for the exact idea of the interface.
The list of options are nothing but website names of which you have to create a page for a spear phishing attack. If we select 4 i.e Google option, it will open the Google page creating a setup for a phishing attack. As the spear phishing attack needs the target information. If Google page is considered, then the Email address, username, phone number and location is required as a prerequisite. Also, spoofed email is to be provided to the tool
Once the information is provided, the tool generates a link which is to be shared to the target user.
Once the page is shared to the target user, the machine detects user interaction on the shared link page.
If the user will enter data in that page, the information along with location and IP address is captured and sent to the attacker.
Thus completing the perfect phishing attack without the user even realizing it.
Powered by Froala Editor