What is Phishing Attack, How hackers steal your valuable Information using simple LINK
What is Phishing Attack, How it works?
Zphisher, tool for phishing
Introduction to Phishing Attack
So, as you all know, from past 10 year there is a suddenly rise in Digital Platforms, Social Media, etc. and specially after COVID. So Phishing is a technique in which hacker creates a Fake Website Template of any Social Media, and changes the all logins, signup, registration form so that all the userdata will forwarded to them or to their server. Not only login forms, They can change anything in their Fake Website Template as their requirements.
How to Do Phishing Attack
What you need to perform this attack:
Linux Device (termux/kali)
Stable Internet Connection
Zphisher tool from GitHub
Disclaimer
Any actions and or activities related to Zphisher is solely your responsibility. The misuse of this toolkit can result in criminal charges brought against the persons in question. The contributors and me will not be held responsible in the event any criminal charges be brought against any individuals misusing this toolkit to break the law.
This toolkit contains materials that can be potentially damaging or dangerous for social media. Refer to the laws in your province/country before accessing, using,or in any other way utilizing this in a wrong way.
This Tool is made for educational purposes only. Do not attempt to violate the law with anything contained here. If this is your intention, then Get the hell out of here!
It only demonstrates "how phishing works". You shall not misuse the information to gain unauthorized access to someones social media. However you may try out this at your own risk.
Installation
Just, Clone this repository -
git clone https://github.com/htr-tech/zphisher.git
Now go to cloned directory and run zphisher.sh -
$ cd zphisher
$ bash zphisher.sh
On first launch, It'll install the dependencies and that's it. Zphisher is installed.
:: Workflow ::
Practical Demo
After Installation type in your Console:
cd zphisher
./zphisher
Now zphisher should run Successfully if there are no issues in installation process.
So Now there are so many Social Media Websites Templates, Available in this tool.
you can choose as your choice (using Facebook as a demo)
type '1' in console
now as you press enter, you can see 4 or 5 types for creating the Template
I will go for 1st option, for just demo purpose.
Now you will see there are 4 options for Port Forwarding Services for your Website Template.
[01]Localhost [02]Ngrok.io[AccountNeeded]
[03]Cloudflared[AutoDetects]
[04]LocalXpose[NEW!Max15Min]
[-] Select a port forwarding service :
I will use '1' for demo purpose.
Now it will ask for custom port: I will type 'N'
Now go on the link maded in console.
in my case it is: "http://127.0.0.1:8080"
SO HERE IS YOUR FINAL FAKE WEBSITE TEMPLATE:
Now as someone enter their Original Information, it will forwarded to the console of the attacker, and saved in a file or database.
SEE THE OUTPUT:
So Here is my Login Info, Which I entered on that Fake Website Template.
Again giving Disclaimer, This is a very Dangerous Attack, So I am not resposible for any illegal activity performed by you.
How To Secure from such Attacks
Don't go on Unsecure Websites, like free recharge, free earn money, free instagram followers, etc
There is a very big Difference in HTTP and HTTPS, so check this 2 times before entering any credentials on any Website. It should be HTTPS if it is Secure.
Don't Use Same Passwords in all Social Accounts, Read my blog, I have told you about how to get user all social accounts from one social media username, So if someone has successfully cracked your password from one Social account, then it will failed on another Social Accounts.
When you visit some websites sended by someone, then try to Observe the Link Carefully, if it ends with com,org,in,govt,etc then only you should visit them.
Finally, Don't Login your Social Accounts from someone's PC or Mobile, not from any browser, or through any other Websites, Only Login from Trusted Applications, and from your Personal Devices.
THANKS for Coming Here Guys
Comment your Experience.