Disclaimer: ⚠ ⚠ ⚠ This post is stricly for educational purpose i or the developers of the tools used here are not responsible for damage caused
Phishing: A phishing attack is a cyberattack that tricks people into sharing sensitive information. The goal is to steal money, identities, or corporate trade secrets.
in these post we are going to walk through the 101 of phishing using ShellPhish v2.5-MOD
ShellPhish v2.5-MOD
Phishing Tool for Facebook, Instagram, Google, Microsoft, Netflix, PayPal, Steam, Twitter, PlayStation, GitHub, Twitch, Pinterest, Snapchat, Linkedin, Ebay, Dropbox, Protonmail, Spotify, Reddit, Adobe, DeviantArt, Badoo, Origin, CryptoCoin, Yahoo, WordPress, Yandex, StachoverFlow & VK. This is a modified version of ShellFish, ShellPhish & Zphisher.
Requirements
- git
- brew
- PHP
- ngrok
List of available sites:
[01] Facebook [11] Twitch [21] DeviantArt
[02] Instagram [12] Pinterest [22] Badoo
[03] Google [13] Snapchat [23] Origin
[04] Microsoft [14] Linkedin [24] CryptoCoin
[05] Netflix [15] Ebay [25] Yahoo
[06] PayPal [16] Dropbox [26] WordPress
[07] Steam [17] Protonmail [27] Yandex
[08] Twitter [18] Spotify [28] StackoverFlow
[09] PlayStation [19] Reddit [29] VK
[10] GitHub [20] Adobe
Procedure:
Am going to use the os for hacking [KALI LINUX] you can use termux on android aswell
Usage:
You copy each line of the following code
apt update && apt upgrade -y
apt install git wget php unzip curl -y
git clone https://github.com/AbirHasan2005/ShellPhish
cd ShellPhish
chmod +x *
bash shellphish.sh
- You will need to download ngrok ngrok.com/get-started/setup for workaround.
- Register and sign up for ngrok to obtain ngrok auth token in order for it to work push auth in directions as outlined on ngrok official website.
- Fire up ngrok on the port (ngrok http 5555/standard is 5555) you’re planning to running shellphish on, then open a seperate terminal and run shellphish, link/url will be present in ngrok’s terminal tab.
Comments