So many wants to know what phishing actually is so simply it is making a fake duplicate site and getting victim's login credentials. For example you want to hack your friend Facebook account. So sent him a link like www.faceb00k.com (not www.facebook.com) and tell your friend visit this website you can get free PUBG hack or free girls number. When your friend visit that link and enter his credential you will get the login credentials. In this way your friend Facebook account will got hacked.
What is ShellPhish?
A phishing attack is the most common attack to get access to the victim's credentials of any website. ShellPhish is one of the phishing tools that allows you to create a phishing link using termux. ShellPhish is created by thelinuxchoice and its a project on GitHub (But as of now he has been removed from github.
How ShellPhish tool works?
Using this tool you can create a link which will look like an exact page of the social media, when the victim will log in using your link , you will get the Credential at your terminal. ShellPhish uses port forwarding using 2 methods one of them is SSH (which currently not working). second one is Ngrok which I think have a bug but I will tell you how to use it properly.
NOTE: This post is only for educational purpose. I and this site do not support any criminal activity. If you are doing any sort of misuse of this information This site is not responsible for that. THIS SITE ONLY SUPPORT ETHICAL HACKING.
How to install ShellPhish in termux step-by-step:
1. Update and upgrade the termux to the current date.
command-apt update && apt upgrade
Press N if ask about the version.
2. Install dependencies for ShellPhish without installing this tool you will get errors.
command-apt install php wget git
(While installing if it is asking do you wanna install just press y.)
This will install Php wget and git in termux which will be used while using ShellPhish.
If you already have any of this you can remove the name from command while installing.
3. Cloning the shellPhish project from the git Hub repository.
command-git clone https://github.com/Ethical-Hacking-Zone/shellphish
(I have older photo so don't go photowise)
4. Change directory to shellPhish.
command- cd shellphish
5.Granting access permission to the shellPhish.sh file.
command- chmod +x shellphish.sh
How to Use ShellPhish in termux:
1. Use the below command to run shellPhish.sh file in termux.
command- bash.shellphish.sh
2. Now you have 18 available options. every social media name have an assigned number Like Instagram have 01 Netflix have 08 and so on.
Here I am selecting Instagram but you can choose any from 18 options.
3. Now comes the most importat step:
[Turn on your mobile hotspot]
Now select the second option Ngrok.
4. Now you will get a link, just send this link to the Victim and wait, when user will log in using this link you will get the credentials in the terminal.
Working:
In the below screenshot you can see that where you will find the credentials.
You will also find the IP of victim as well as the device which the victim is using(user agent).
Conclusion:
Sellphish is a great tool and freely available if anything is not working or you are facing any error just comment down below . I will be always here to help you.
DISCLAIMER: This website DOES NOT Promote or encourage Any illegal activities , all contents provided by this website is meant for EDUCATIONAL PURPOSE only .
Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational or personal use tips the balance in favor of fair use.
Comments
Post a Comment