FreshRSS

๐Ÿ”’
โŒ Secure Planet Training Courses Updated For 2019 - Click Here
โ˜ท
โ–ณ ๐Ÿ”ƒ
There are new available articles, click to refresh the page.
โ˜ โ˜† โœ‡ KitPloit - PenTest Tools!

Facad1ng - The Ultimate URL Masking Tool - An Open-Source URL Masking Tool Designed To Help You Hide Phishing URLs And Make Them Look Legit Using Social Engineering Techniques

By: Zion3R โ€” October 24th 2023 at 11:30


Facad1ng is an open-source URL masking tool designed to help you Hide Phishing URLs and make them look legit using social engineering techniques.


Your phishing link: https://example.com/whatever

Give any custom URL: gmail.com

Phishing keyword: anything-u-want

Output: https://gamil.com-anything-u-want@tinyurl.com/yourlink

# Get 4 masked URLs like this from different URL-shortener

  • URL Masking: Facad1ng allows users to mask URLs with a custom domain and optional phishing keywords, making it difficult to identify the actual link.

  • Multiple URL Shorteners: The tool supports multiple URL shorteners, providing flexibility in choosing the one that best suits your needs. Currently, it supports popular services like TinyURL, osdb, dagd, and clckru.

  • Input Validation: Facad1ng includes robust input validation to ensure that URLs, custom domains, and phishing keywords meet the required criteria, preventing errors and enhancing security.

  • User-Friendly Interface: Its simple and intuitive interface makes it accessible to both novice and experienced users, eliminating the need for complex command-line inputs.

  • Open Source: Being an open-source project, Facad1ng is transparent and community-driven. Users can contribute to its development and suggest improvements.


git clone https://github.com/spyboy-productions/Facad1ng.git
cd Facad1ng
pip3 install -r requirements.txt
python3 facad1ng.py

PYPI Installation : https://pypi.org/project/Facad1ng/ 

pip install Facad1ng

Facad1ng <your-phishing-link> <any-custom-domain> <any-phishing-keyword>
Example: Facad1ng https://ngrok.com gmail.com accout-login

import subprocess

# Define the command to run your Facad1ng script with arguments
command = ["python3", "-m", "Facad1ng.main", "https://ngrok.com", "facebook.com", "login"]

# Run the command
process = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)

# Wait for the process to complete and get the output
stdout, stderr = process.communicate()

# Print the output and error (if any)
print("Output:")
print(stdout.decode())
print("Error:")
print(stderr.decode())

# Check the return code to see if the process was successful
if process.returncode == 0:
    print("Facad1ng completed successfully.")
else:
    print("Facad1ng encountered an error.")



โ˜ โ˜† โœ‡ KitPloit - PenTest Tools!

Evil QR - Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice

By: Zion3R โ€” August 23rd 2023 at 12:30


Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing.

It consists of a browser extension used by the attacker to extract the sign-in QR code and a server application, which retrieves the sign-in QR codes to display them on the hosted phishing pages.

Watch the demo video:

Read more about it on my blog: https://breakdev.org/evilqr-phishing


Configuration

The parameters used by Evil QR are hardcoded into extension and server source code, so it is important to change them to use custom values, before you build and deploy the toolkit.

parameter description default value
API_TOKEN API token used to authenticate with REST API endpoints hosted on the server 00000000-0000-0000-0000-000000000000
QRCODE_ID QR code ID used to bind the extracted QR code with the one displayed on the phishing page 11111111-1111-1111-1111-111111111111
BIND_ADDRESS IP address with port the HTTP server will be listening on 127.0.0.1:35000
API_URL External URL pointing to the server, where the phishing page will be hosted http://127.0.0.1:35000

Here are all the places in the source code, where the values should be modified:

server/core/config.go:

server/templates/index.html:
extension/background.js:
Installation

Extension

You can load the extension in Chrome, through Load unpacked feature: https://developer.chrome.com/docs/extensions/mv3/getstarted/development-basics/#load-unpacked

Once the extension is installed, make sure to pin its icon in Chrome's extension toolbar, so that the icon is always visible.

Server

Make sure you have Go installed version at least 1.20.

To build go to /server directory and run the command:

Windows:

build_run.bat

Linux:

chmod 700 build.sh
./build.sh

Built server binaries will be placed in the ./build/ directory.

Usage

  1. Run the server by running the built server binary: ./server/build/evilqr-server
  2. Open any of the supported websites in your Chrome browser, with installed Evil QR extension:
https://discord.com/login
https://web.telegram.org/k/
https://whatsapp.com
https://store.steampowered.com/login/
https://accounts.binance.com/en/login
https://www.tiktok.com/login
  1. Make sure the sign-in QR code is visible and click the Evil QR extension icon in the toolbar. If the QR code is recognized, the icon should light up with colors.
  2. Open the server's phishing page URL: http://127.0.0.1:35000 (default)

License

Evil QR is made by Kuba Gretzky (@mrgretzky) and it's released under MIT license.



โŒ