PhishLulz – Ruby Toolset To Automate Phishing Activities

  • 302
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    302
    Shares

PhishLulz is a Ruby toolset aimed at automating Phishing activities.

The VM comes with various open source tools that have been glued together. The two main components are:

PhishLulz comes with its own self-signed CA: this is needed to generate self-signed certs for the PhishingFrenzy admin UI. You will also find a bunch of cool phishing templates (which are not in PF) that you can quickly re-use in your scenarios.

Requirements:

  • Amazon AWS account (see main config.yaml)
  • Non-Winzozz OS (path separators are hardcoded on purpose to don’t make it compatible with Winzozz)
  • ssh, scp, openssl in PATH
  • Sane Ruby environment (RVM suggested). Install the required gems with: gem install sinatra thin watir-webdriver headless colorize datamapper dm-sqlite-adapter dm-timestamps dm-migrations fog nokogiri mail net-ssh –no-rdoc –no-ri
  • Gecko/Chrome drivers

PhishLulz Toolset:

  • phish_lulz: main script to start/stop phishing instances
  • tools/find_resources: multi-threaded subdomain discovery and fingerprinting tool
  • tools/mailboxbug: multi-threaded webmail data extruder
  • tools/mail_parser: simple script to extract html/txt from an .eml email file
  • namecheap_wrapper: WIP for automated domain registration (Automatic domain registration is still TODO, however you can play with the almost-working code for the NameCheap registrar.)

PhishLulz AWS AMI:

The public AMI id is: ami-141bb974 You want to clone that, add your SSH keys, and use your nre clone.
The following are default passwords for various services, change them.
  • MySQL root user: phishlulz_mysql
  • PhishingFrenzy admin user: phishlulz_frenzy
  • BeEF beef user: phishlulz_beef
To change the default admin user password/email for PhishingFrenzy use the Rails console:
cd /var/www/phishing-frenzy && RAILS_ENV=production rails console admin = Admin.first admin.password = "newpasswd" admin.email = "newemail" admin.save! exit
To instrument Firefox you need to have the geckodriver binary in your PATH.
Download it from https://github.com/mozilla/geckodriver/releases Same thing applies if you prefer instrumenting Chrome, you need the chromedriver.
Once you have the binary, make sure it’s in the PATH: export PATH=$PATH:path_to_driver_dir

Finally, make sure the MailBoxBug data extrusion domain has a valid HTTPS certificate.

Download now: PhishLulz

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply