Install Phishing Frenzy in Kali linux
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.
Phishing engagements they can uncover how susceptible are the employees of a company in this type of attack. The fact that almost anybody can implement very fast a phishing scam in order to obtain valid credentials and other sensitive information makes it important for companies to test the security awareness of their users and to include phishing exercises into their security testing program. Most of the times this type of attack is successful because it is exploiting the user trust in conjunction awith the lack of security awareness of the user.
However even though as a community through the years we have built frameworks and tools for almost every type of assessment we never had a tool which it will implement and manage a phishing engagement very fast, simple and with the stats that we need for our clients. Phishing Frenzy is here to close this gap and to assist the penetration testers that conduct phishing engagements.
Phishing Frenzy is a tool which created by @zeknox , a security consultant and researcher from Accuvant Labs. One of the main advantages compared to other similar tools is that you can manage your phishing tests more efficiently as you can include the scope of your engagement as well when you create a new phishing campaign.
Installation of Phishing Frenzy
Clone the Phishing Frenzy repository to your system
#git clone https://github.com/pentestgeek/phishing-frenzy.git /var/www/phishing-frenzy
We are going to use RVM to install ruby and ruby on rails. For additional details on how to install RVM please see: https://rvm.io/rvm/install
Install RVM and Ruby
#curl -L https://get.rvm.io | bash -s stable –ruby
Pay attention to the install notes here, you may be required to run a command similar to the following in order to get rvm working properly. You may also be asked to logout / login or open a new shell before rvm is functioning properly.
#vi ~/.bashrc
source /usr/local/rvm/scripts/rvm
Load .bashrc to make rvm useable
#source ~/.bashrc
Install Ruby on Rails. We can use rvm to get the job done.
#rvm all do gem –no-rdoc –no-ri install rails
Install mod_passenger for Apache
#rvm all do gem –no-rdoc –no-ri install passenger
Invoke passenger install script
If you do not have the required software to install passenger, the script will let you know which additional software needs to be install.
#apt-get install libcurl4-openssl-dev apache2-threaded-dev libapr1-dev libaprutil1-dev
You will need to invoke the passenger-install-apache2-module to continue
#passenger-install-apache2-module
Include pf.conf
Also you will need to add the following line which is used to manage the virtual hosts.
This addition to inclue pf.conf tells Apache to look at this file within the Apache directory (/etc/apache2/pf.conf) and serve up whatever website is configured.
Now that Apache is configured to process the pf.conf configuration file everytime Apache reloads or restarts we need to create the file and add the following content to pf.conf. ‘ServerName’ should be changed to whichever domain name that Phishing Frenzy is running under. This tells Apache which website to serve up when a request for phishingfrenzy.com is made.
#vi /etc/apache2/pf.conf
<IfModule mod_passenger.c>
PassengerRoot %ROOT
PassengerRuby %RUBY
</IfModule>
<VirtualHost *:80>
ServerName http://www.arthar.com
# !!! Be sure to point DocumentRoot to ‘public’!
DocumentRoot /var/www/phishing-frenzy/public
RailsEnv development
<Directory /var/www/phishing-frenzy/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>
Pay attention to the end of the script because it will ask you to copy a few lines into your Apache configuration file, these are what the lines looked like in my case
#vi /etc/apache2/apache2.conf
Include pf.conf
Include httpd.conf
LoadModule passenger_module /usr/local/rvm/gems/ruby-2.0.0-p247/gems/passenger-4.0.20/buildout/apache2/mod_passenger.so
PassengerRoot /usr/local/rvm/gems/ruby-2.0.0-p247/gems/passenger-4.0.20
PassengerDefaultRuby /usr/local/rvm/wrappers/ruby-2.0.0-p247/ruby
Ensure PF can write to the httpd.conf file
#touch /etc/apache2/httpd.conf
Change ownership of apache config to allow Phishing Fenzy manage virtual hosts. If you currently have entries within the httpd.conf file, backup the file now because Phishing Frenzy will delete all entries in this file when managing virtual hosts for phishing campaigns.
#chown www-data:www-data /etc/apache2/httpd.conf
MySQL Configuration
#service mysql start
Create Rails Database for Phishing Frenzy:
#mysql -u root -p
#mysql> create database pf_dev;
#mysql> grant all privileges on pf_dev.* to ‘pf_dev’@’localhost’ identified by ‘bhuvi’;
#cd /var/www/phishing-frenzy/
#bundle install
Ruby on Rails Configuration
Make sure app/config/database.yml file is properly configured or the rake tasks will fail. The database.yml file will tell your rails application how to properly authenticate to database server and access the database. If either of the rake tasks fail, it will render Phishing Frenzy worthless, so ensure the rake tasks are completed successfully before continuing on.
Ensure that you are in the root of the rails application before running any rake commands. rake commands will most certainly fail to run because of the required approot/Rakefile required.
Before you chmod these files, you may be required to create the log directory or even the development.log file if the rails application has never been started.
#chmod 0666 /var/www/phishing-frenzy/log/development.log
#chmod 0666 /var/www/phishing-frenzy/db/schema.rb
Create Database schema using Rails Migrations:
#rake db:migrate
Populate database with content using Rails Seeds helper:
#rake db:seed
If you would like to install the 2 default templates (efax and intel password checker) you can do so by simply running the following rake task.
#rake templates:load
Background Jobs
Phishing Frenzy uses Sidekiq to send emails in the background. Sidekiq depends on Redis to manage the job queue. At this time, Phishing Frenzy does not use asynchronous processing by default so you do not need to install Redis and Sidekiq. The feature can be enabled from the Global Settings view in the Admin section.
Install Redis
In order to allow for Sidekiq process monitoring, you must start Sidekiq with a configuration that places the Sidekiq pid in /tmp/pids/sidekiq.pid
#wget http://download.redis.io/releases/redis-stable.tar.gz
#tar xzf redis-stable.tar.gz
#cd redis-x.x.x/
#make
#make install
#cd utils/
#./install_server.sh
If you would like to bind redis to the loopback interface checkout redis documentation for more details.
Start the sidekiq server to interact with redis
#mkdir /var/www/phishing-frenzy/tmp/pids
#chown www-data:www-data -R /var/wwwphishing-frenzy
#bundle exec sidekiq -C config/sidekiq.yml
Linux Configuration
Change ownership and permissions of the web application to the same account Apache is running as. In most cases this will be the ‘www-data’ account.
#chown -R www-data:www-data phishing-frenzy/
#chmod a+rw /var/www/phishing-frenzy/public/templates/
#chmod o+rw phishing-frenzy/public/uploads/
Edit /etc/sudoers to allow Phishing Frenzy to restart apache and manage the virtual hosts. This way Phishing Frenzy can run multiple phishing websites on one webserver.
#vi /etc/sudoers
www-data ALL=(ALL) NOPASSWD: /etc/init.d/apache2 reload
configure the SITE_URL within config/application.rb to the appropriate FQDN of the PF interface. This is most likely the same FQDN defined in pf.conf:
SITE_URL = “http://www.arthar.com”
Start Apache web server
# apachectl start
Enjoy Phishing Frenzy!!!!!
Default Login
Phishing Frenzy is configured with a default login of:
username: admin
password: Funt1me!
No comments:
Post a Comment