Offensive Sec Blog

Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

Tuesday, January 5, 2016

Weeman - HTTP Server for Phishing

           ,       No comments    



HTTP server for phishing in python. Weeman has support for most of the (bigest) websites.
Usually you will want run Weeman with DNS spoof attack. (see dsniff, ettercap).


Weeman will do the following steps:
  1. Create fake html page.
  2. Wait for clients
  3. Grab the data (POST).
  4. Try to login the client to the original page

Requirements
  • Python <= 2.7.
  • Python BeautifulSoup 4

Install BeautifulSoup
  • Archlinux - sudo pacman -S python2-beautifulsoup4
  • Ubuntu/Linuxmint - sudo apt-get install python-bs4
  • For another OS: - sudo pip install beautifulsoup4

Platforms
  • Linux (any)
  • Mac (Not tested)
  • Windows (Not tested)
[!] If weeman runs on your platform (Mac/Windows), please let me know.

Usage
Just type help

Run server:
  • For port 80 you need to run Weeman as root!
  • Host to clone (Ex: www.social-networks.local)
    set url http://localhost
  • "<"form action = "TAKE THIS URL">"(View the site source and take the URL)
    set action_url http://localhost/sendlogin
  • The port Weeman server will listen
    set port 2020
  • Start the server
    run

The settings will be saved for the next time you run weeman.py.


Share:

0 comentários:

Post a Comment

Note: Only a member of this blog may post a comment.

Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition