Hello Friends, In this tutorial we are going to see how we can use a simple phishing tool to try and get a gmails’ username and password details from a victim.
Tools Required
Kali Linux
ShellPhish
Steps
1.Open the terminal and type in the following command to clone the shellphish tool from Github:
git clone https://github.com/thelinuxchoice/shellphish.git
2.Now navigate into the Shellphish using
cd Shellphish
3.List down the folders inside the Shellphish using
ls
4.Make the shellphish.sh to executable using the command
Chmod +x shellphish.sh
5.Run the shellphish using the following command
./shellphish.sh
6.Select the website you want to clone. In our example we choose gmail
7.Select Port Forwarding option as 2 for Ngrok
8.Send this link to the victim when the link enters the credentials it will be shown in the terminal
We can see on the terminal the entered credentials from the user. we now have the username and password. This trick can be used for other similar websites. I Hope you liked the tutorial. If you have any comments or suggestion let me know in the comment section
Happy Hacking
