Linux / Networking

Advanced Lazy Automated Phishing Script: ZPhisher

Posted by

47b43680-8ee1-11ea-8711-7da89b585673

ZPhisher is an advanced phishing tool-kit it is an upgraded version of Shellphish. It has the main source code from Shellphish but ZPhisher has some upgrade and has removed some unnecessary codes from Shellphish. It is developed by HTR-Tech . ZPhisher can be run from Kali Linux and also can be run from Android devices using Termux. It is the all-in-one phishing framework in 2020.

Get it on Google Play
ZPhisher has lots of phishing pages like:

1) Facebook

  • Facebook Normal Login Page
  • Fake Security Login Method (DarkSecDevelopers)
  • Facebook Voting Poll Method (DarkSecDevelopers)
  • Messenger Login Page (New)

2) Instagram

  • Normal Login Page
  • Instagram Auto Follower Phishing Page (the Linux choice)
  • Instagram Badge Verify Method (DarkSecDevelopers)

3) Google

  • Google Old Login Page
  • Google New Login Page
  • Google Voting Poll Method (DarkSecDevelopers)

4) Adobe Login Page

5) Badoo Login Page

6) CryptoCoinSniper Login Page

7) Deviantart Login Page

8) Dropbox Login Page

9) eBay Login Page

10) Github Login Page

11) Linkedin Login Page

12) Microsoft Login Page

13) Netflix Login Page

14) Origin Login Page

15) Paypal Login Page

16) Pinterest Login Page

17) Playstation Login Page

18) Protonmail Login Page

19) Reddit Login Page

20) Snapchat Login Page

21) Spotify Login Page

22) Stackoverflow Login Page

23) Steam Login Page

24) Twitch Login Page

25) Twitter Login Page

26) Vk Login Page

27) Vk Poll Method (Hiddeneye)

28) WordPress Login Page

29) Yahoo Login Page

30) Yandex Login Page

Zphisher also has 4 port forwarding options

  • localhost         (For local network/LAN)
  • Ngrok             (For World-Wide WAN)
  • Serveo.Net      (For WAN)
  • Localhost.run  (For WAN)

Installing on Kali Linux

First, we need to clone ZPhisher from it’s GitHub repository by using the following command:

git clone https://github.com/htr-tech/zphisher

The screenshot of the preceding command if following:

clonning zphisher

Then we need to go inside the zphisher directory using cd command:

cd zphisher

Here we need to give executable permission to the bash script by using the following command:

sudo chmod +x zphisher.sh

The screenshot is following.

zphisher permissions

Now we are ready to run it. We can run it by using the following command:

./zphisher.sh

Then this bash script leads us to the main menu of the ZPhisher tool as shown in the following screenshot:

zphisher main page

Here everything is very clear. For example we choose 1 for Facebook and press enter.

facebook in this tool

Here we can choose whatever we think easy to trick our victim. For example we choose 3 for a “Fake Security Login Page”.

fake security login page

Now we can choose our port forwarding option. Here If we choose 1 then it will be for our local network (same WiFi or LAN) only, but we can choose the other options like ngrok server or localhost.run. (These are all free port forwarding services so sometimes some services may be down for overloading. In that case, we need to choose other.)

Here we choose 2 for ngrok.io. Then we wait for some seconds until our link generated.

In the above screenshot, we can see our link created on ngrok. Now we can send this link to our victim by SMS or mail or by any other way With some catchy social engineering technique.

If our victim opens it then he/she will see something like the following screenshots:

phishing 2020

phishing mobile 2020

 

If our victim inputs the username and password then,

we got the password
BINGO!

We got the credentials of our victim. Now it can be used to log in the victim’s Facebook account.

Installing on Android (Termux)

We also can use it on Android through Termux application. First, we need to install Termux from Google Play Store. Then we can open it and run a single command to update download and run the ZPhisher. The single command is the following:

apt update && apt install git php curl openssh -y && git clone https://github.com/htr-tech/zphisher && cd zphisher && chmod +x zphisher.sh && bash zphisher.sh

How to be safe from this Attack

  • We should not click on any link through sms/email/website/chatroom or text messages etc.
  • we need to check the link is driving to original Facebook, mean to say check the links is https://www.facebook.com/ or not. If not and the page is looking like Facebook, then this might be a phishing page.
  • Windows user should use anti-virus and web security software, like Norton or McAfee. Linux user should take care before clicking unknown links.

This tutorial is for educational purpose only. Phishing is a crime. If anyone does any illegal activity then we are not responsible for that.

Feel free to leave a comment below or reach me on Instagram @iamshubhamkumar__.

 

Get it on Google Play

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.