Hack passwords with phishing

Some of you have maybe never heard about phishing. This is as it sounds, you will be fishing for passwords. In our case, we will have a lot of different websites we can get the password from. Examples of sites are Instagram, Facebook, Google and so on. Today we will use a tool called blackeye. It is really easy to download and to use. Just follow the steps below.

1. Start by going to the /opt directory by typing "cd /opt" as shown in the picture.

Then git clone the program we are using, blackeye. So type "git clone https://github.com/thelinuxchoice/blackeye.git".

2. Then you will start the program by typing "sudo bash blackeye.sh". If you later want to start this program you can type "cd /opt/blackeye" and then "sudo bash blackeye.sh".

3. Now it is time to choose what web page you want to fish from. In this tutorial, I choose the number 8 --> Netflix. But the process is the same for all sites. So choose the one that the victim probably will enter sometime soon. Where it says to write the IP-address you can just copy the numbers as shown in the image.

This will set up a web site on the IP-address we have on the computer. So if you type the IP-address you should see the page shown below.

As you can see the page looks legit and everything you see is customizable, but we will get into that in a later tutorial.

But if someone enters their real login credentials you will be able to see them in the previous window.

On the right, the image shows were the username and password can be read. You can also see that the username and password will be saved in the file saved.usenames.txt in the folder blakeye/sites/netflix/. So you will not need to write them down. If you look a bit higher on the image, the tool did catch the Victim IP-address as well. It also gives some other information. Which is also saved.

How to get anyone to enter?

By now most of you will think that it would be impossible to get someone to enter the page when the link would be obvious. But for that, we will use dns spoofing. If you do not know what that is I will post about how to use that. I will also show how to combine the two of them so when people are entering a page they will come to our login page instead.

Any troubles or questions?

If you have any trouble or questions please just ask. I answer all DMs as fast as I can as well as the comments. Then the chat function is used as well. It can be small or big trouble, ask me and I will try to help you!