Hello learners, in this guide we will be using socialfish to acquire credentials form our target. In the previous guides we learnt what is social engineering and ways through which one can carry out phishing.
In this guide, we will be using the social engineering techniques together with the socialfish tool to avoid detection by the target while phishing his/her credentials. With the latest version of socialfish, it has an intuitive UI for managing and creating your phishing. The latest update is also easy to use for those with less on no knowledge in phishing.
Features of SocialFish
Some of the features in the new tool include:
- Easy cloning of the target website when phishing for credentials – with the help of other tools, it has become easier to clone login pages to use while phishing. i.e. Tools such as Kismet.
- User can use the phishing tool with ngrok – with the help of ngrok, users are able to expose their local environment to the internet hence a phishing link generated with socialfish and ngrok can be used to target any individual from around the world.
- Intuitive design to improve the user experience while using socialfish – the new tool has been designed to include all its functions under one page.
- Integration with other tools – the tool is integrated with shodan and other open source intelligence tools to provide target information to the user.
- You can use socialfish both on the PC and on Android devices – the tool has an application from which you can monitor the progress of your phishing on the go.
- PC running on Kali Linux.
- Have Python 3 or above installed.
- Knowledge to use the terminal.
- Have ngrok installed.
Having familiarized with socialfish we can now jump right into our guide on how to use it for phishing.
To install socialfish, we can either download it as a zip file or clone the github repository using the terminal by running the below command.
Git clone https://github.com/UndeadSec/SocialFish.git
After downloading, we now move into the directory.
Once in the directory, we want to download all the requirements for running and using socialfish.
pip install -r requirements.txt
When the installation is complete, we are now ready to launch the phishing attack.
2: Running SocialFish
After the installation is complete, we have to make the SocialFish.py file executable. To do this, we will use the below command.
Chmod +x SocialFish.py
To run the tool, we use the below syntax.
./SocialFish.py <username> <pass>
On the “<username>” we will set the username we will use to login and “<pass>” is where we will insert the password we will be using. We will run it as shown below.
And once the tool starts, we can login to the main page as indicated on the terminal shown below. To login to the admin panel we navigate to the address “0.0.0.0:5000/neptune”.
3: Login to the main page
We open our preferred web browser and navigate to the above specified link to login as shown in the below image. From the main page, we can launch a phishing attack on our target.
4: Launching a phishing attack
Once we login to the main page, we can see different useful components we can use in our phishing.
As shown on the above image, we have a field to input the link of the website we want to clone and input field for the webpage we want to be redirected to. You can also choose use a custom HTML page . We have an option to inject beef-xss to our phishing page to use with BeEF tool.
Socialfish also has an access token in case you want to connect it to your android app for easier phishing attacks management. Send mail option will enable us to send phishing email direct to our target inbox from the main page as shown on the image below.
After the phishing is complete, we can generate a complete phishing report using the button on the main page too.
At the bottom of the phishing page is where we will be able to view our phishing reports and we can also perform deeper information gathering on our targets. We can scan for open ports and even use shodan to gather more information.
In this guide we will be launching a custom attack hence we will use the custom page as shown on the image below.
Now after the user enters his/her credentials he/she will be redirected to www.google.com.
This step is usually optional and is used only when your target is not on the same local area network as you are in. Using this option will make the socialfish instance you are running accessible by anyone as long as they have an active internet connection.
Ngrok helps us to tunnel the traffic sent through the port we are using on socialfish which is port 5000 using the below command.
ngrok http 5000
You can share the link generated on ngrok with the target. Once he/she clicks on the link he will be directed to the login page as shown on the image below.
Once the victim enters the user email address and the password and signs in, he/she will be redirect to the link we had provided earlier. Now the details have been logged on the admin page and we can view them as shown on the image below.
In the above guide we are able to launch a phishing attack easily using socialfish tool. This tool is useful to ethical hackers as they carry on their professional work to ensure a safer world for everyone. Cyber criminals also abuse such tools to their advantage hence it is of importance to know how the tool works. It should however be noted that it is prohibited to perform any kind of a phishing attack on an individual.
He is an accomplished professional proficient in Python, ethical hacking, Linux, cybersecurity, and OSINT. With a track record including winning a national cybersecurity contest, launching a startup in Kenya, and holding a degree in information science, he is currently engaged in cutting-edge research in ethical hacking.