
remoteoffices/phishyfish

 
 


PhishyFish ><(((º>

During one of the RedTeam assessments with my team, we wanted a quick way to bypass OTP for Microsoft Outlook. We wanted it to be manually operated and customizable, as we were doing targeted phishing attacks not only against Outlook but also against VPN and other portals that support SSO, so I built some quick JavaScript code in a couple of hours to do that. The previous code had a lot of limitations. This project is the long-enhanced version of it.

PhishyFish is meant to be a framework; the user_frontend project is an example of how to implement the user interface and interact with the API. You can alter it or create your own project based on it.


It now comes with a new look.


Features / TODO:

  • Add Auto_mode: will try to automate the process of OTP grabbing and submitting
  • On Auto_mode: saving user cookies and taking a screenshot for office and outlook pages
  • Simplify the installation process
  • Add caddy as a reverse proxy
  • Auto SSL generating using Let's Encrypt
  • Add version history for all user submissions
  • Add more features in Auto_mode
  • Add ability to block IP address based on (IP|Region|resident/Server) - IP only is done
  • Better notification on slack
  • Rewrite auto_login to use playwright
  • Integrate cookie with cookie-editor
  • Host in subdirectory
  • Add tracker id
  • Change the API calls to be server side only
  • Rewrite the user_frontend in less stupid way - still some stupid stuff
  • Write some Documentation
  • Replace pull with websocket

Installation

Make sure docker and docker-compose are installed on your system.

Clone the project

git clone https://github.com/0xb11a1/phishyfish.git
cd phishyfish

Customization: replace these two files with your target's corresponding logo and wallpaper:

user_frontend/o365/public/company_background.jpeg
user_frontend/o365/public/company_logo.png

Build and run the framework:

./start.sh [ -p password ] [ -s slack_webhookURL ] [-d domain_for_SSL_generation ] [-S internal ] [-i parameter name]
  • -p Password for the admin portal (please make it a complex one).

  • -s Slack bot URL, used for receiving notifications when the user visits the website or submits their credentials.

    How to create one: https://www.svix.com/resources/guides/how-to-get-slack-webhook-url/

  • -d Domain name for the SSL certificate. If not set, localhost will be used.

  • -S The subdirectory the application will be hosted on; this avoids scanners that automatically scan any new domain. If not set, it will be hosted in /.

  • -i Parameter name to be used for tracking clicks.

Development

To set up the environment for development, run ./dev_prep.sh, then run all three projects manually, each in its own terminal and starting from the repository root:

# user_frontend
cd user_frontend/o365
npm install
npm run dev -- --port 3006

# leet_frontend
cd leet_frontend
npm install
npm run dev -- --port 3005

# API
cd api
pip3 install -r requirements.txt
uvicorn main:app --reload --host 0.0.0.0 --port 8000

About

Phishing Framework for OTP codes
