Full width home advertisement

Post Page Advertisement [Top]

Phishing attacks will remain as the best method to compromise social media accounts. Nowadays it is pretty difficult to create and host a Phishing page as almost all anti-virus and browsers will detect it. Also, it will be difficult for an attacker to perform social engineering if the Phishing page is not looking genuine say without an SSL certificate (https:// connection). Also if the victim is having his 2FA on then there is no point in knowing his Username/Password.

In this tutorial, I will introduce you to a tool EvilGinx- A tool which can be used to create advanced phishing emails which can be used to bypass 2 Factor Authentication and will look genuine say the victim can't log in without the correct password.

Here is the step-by-step guide to configuring EvilGinix on your server.

Step 1 - Installation

EvilGnix is developed by @mrgretzky and can be downloaded from Here.

Step 1 is to download this to your server. Make sure that your server is any Debian wheezy/jessie machine. You can use the command

git clone https://github.com/kgretzky/evilginx.git  to clone the repository to your server.

Make sure that you have git installed on your machine.

Evilgnix is having an install.sh script which can be used to install the whole software on your machine.



Step 2 - Installation

Locate to the folder and give the install.sh the necessary permissions. Do it by running the following command.



chmod 700 install.sh

Now the installation script is having the necessary permissions

Step 3 - Installation

The third step is to run the script in order to install the software. For that run the following command.



./install.sh 


Step 4 - Installation

After the installation run the EvilGnix by typing the command

python evilgnix.py 


And it will show a help screen by default.

            _ _       _            
           (_) |     (_)           
  _____   ___| | __ _ _ _ __ __  __
 / _ \ \ / / | |/ _` | | '_ \\ \/ /
|  __/\ V /| | | (_| | | | | |>  < 
 \___| \_/ |_|_|\__, |_|_| |_/_/\_\
                 __/ |             
 by @mrgretzky  |___/          v1.0

usage: evilginx.py [-h] {setup,parse,genurl} ...

positional arguments:
  {setup,parse,genurl}
    setup               Configure Evilginx.
    parse               Parse log file(s).
    genurl              Generate phishing URL.

optional arguments:
  -h, --help            show this help message and exit
  
 
Step 4 - Creating a Phishing Page 


To be continued ....


 

 

 
 

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Bottom Ad [Post Page]

| by Colorlib