• Stars
    star
    1,310
  • Rank 35,926 (Top 0.8 %)
  • Language
    HTML
  • License
    Apache License 2.0
  • Created about 7 years ago
  • Updated over 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.

CredSniper

Overview

Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token.

Brought to you by:

Black Hills Information Security

Benefits

  • Fully supported SSL via Let's Encrypt
  • Exact login form clones for realistic phishing
  • Any number of intermediate pages
    • (i.e. Gmail login, password and two-factor pages then a redirect)
  • Supports phishing 2FA tokens
  • API for integrating credentials into other applications
  • Easy to personalize using a templating framework

Basic Usage

usage: credsniper.py [-h] --module MODULE [--twofactor] [--port PORT] [--ssl] [--verbose] --final FINAL --hostname HOSTNAME

optional arguments:
  -h, --help           show this help message and exit
  --module MODULE      phishing module name - for example, "gmail"
  --twofactor          enable two-factor phishing
  --port PORT          listening port (default: 80/443)
  --ssl                use SSL via Let's Encrypt
  --verbose            enable verbose output
  --final FINAL        final url the user is redirected to after phishing is done
  --hostname HOSTNAME  hostname for SSL

Credentials

.cache : Temporarily store username/password when phishing 2FA

.sniped : Flat-file storage for captured credentials and other information

API End-point

  • View Credentials (GET) https://<phish site>/creds/view?api_token=<api token>

  • Mark Credential as Seen (GET) https://<phish site>/creds/seen/<cred_id>?api_token=<api token>

  • Update Configuration (POST) https://<phish site>/config

	{
	   'enable_2fa': true,
	   'module': 'gmail',
	   'api_token': 'some-random-string'
	}

Modules

All modules can be loaded by passing the --module <name> command to CredSniper. These are loaded from a directory inside /modules. CredSniper is built using Python Flask and all the module HTML templates are rendered using Jinja2.

  • Gmail: The latest Gmail login cloned and customized to trigger/phish all forms of 2FA
    • modules/gmail/gmail.py: Main module loaded w/ --module gmail
    • modules/gmail/templates/error.html: Error page for 404's
    • modules/gmail/templates/login.html: Gmail Login Page
    • modules/gmail/templates/password.html: Gmail Password Page
    • modules/gmail/templates/authenticator.html: Google Authenticator 2FA page
    • modules/gmail/templates/sms.html: SMS 2FA page
    • modules/gmail/templates/touchscreen.html: Phone Prompt 2FA page

GMAIL UPDATE: Google requires a backup form of 2FA when using U2F. Bypassing U2F is possible by forcing one of the fall-back options instead of prompting the user to use their U2F device. CredSniper attempts to force SMS if it's available otherwise it forces TOTP. For security savvy victims, they may be weary if they are prompted for the SMS or TOTP token instead of their U2F device.

  • Example: An example module that demonstrates standard phishing w/ 2FA tokens
    • modules/example/example.py: Main module loaded w/ --module example
    • modules/example/templates/login.html: Standard login form
    • modules/example/templates/twofactor.html: Standard 2FA token form

Installation

Ubuntu 16.04

You can install and run automatically with the following command:

$ git clone https://github.com/ustayready/CredSniper
$ cd CredSniper
~/CredSniper$ ./install.sh

Then, to run manually use the following commands:

~/$ cd CredSniper
~/CredSniper$ source bin/activate
(CredSniper) ~/CredSniper$ python credsniper.py --help

Note that Python 3 is required.

Screenshots

Gmail Module

GmailLogin

GmailPassword

GmailSMS

GmailAuthenticator

GmailTouch

Maintainer

Contributing

  1. Create an issue to discuss your idea
  2. Fork CredSniper (https://github.com/ustayready/CredSniper/fork)
  3. Create your feature branch (git checkout -b my-new-feature)
  4. Commit your changes (git commit -am 'Add some feature')
  5. Push to the branch (git push origin my-new-feature)
  6. Create a new Pull Request

Bug reports, feature requests and patches are welcome.

Analytics

More Repositories

1

fireprox

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
Python
1,857
star
2

CredKing

Password spraying using AWS Lambda for IP rotation
Python
566
star
3

SharpHose

Asynchronous Password Spraying Tool in C# for Windows Environments
C#
306
star
4

python-pentesting

Just a repo of random Python scripts to get pentesters started with the Python language on engagements.
Python
209
star
5

golddigger

Python
180
star
6

CasperStager

PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
C#
146
star
7

cloudgpt

Vulnerability scanner for AWS customer managed policies using ChatGPT
Python
141
star
8

wnfexec

WNF Code Execution Library Using C#
C#
108
star
9

ShredHound

Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
Python
81
star
10

DirectAI

ChatGPT queries via OpenAI API in your terminal
Python
60
star
11

CloudBurst

CloudBurst is a red team framework for interacting with cloud providers to capture, compromise, and exfil data.
36
star
12

roguerdp

33
star
13

outpost

AWS Testing and Reporting Management Tool
Python
20
star
14

android-app-recovery

Scripts to parse large Android binary images and extracts deleted data from apps
Python
13
star
15

mavd

Mobile Application Vulnerability Detection
Python
12
star
16

physical-analyzer-scripts

Cellebrite Physical Analyzer python scripts to aid analysts with extended functionality
Python
8
star
17

googlerecon

Google Recon for Pentesting
Python
6
star
18

pynse

NSE to launch Python Scripts
Python
5
star
19

qrwifi

QRCode Wifi Generator
Python
3
star
20

forensicpy

Library for performing mobile device decoding for nibbles and 7-bit decoding
Python
3
star
21

pyslite

Script for performing SQLite database to Excel workbook conversions
Python
3
star
22

XtoTwitter

JavaScript
2
star
23

polk-sheriff-arrests

Downloads all the arrests from 1990-2017 from Polk County Sheriffs Office
Python
2
star
24

digraph

A digraph plotter for sequential byte visualization
Python
2
star
25

ipsubcon

IP Subnet Converter
Python
1
star
26

stayready.github.io

Personal Github IO Website
HTML
1
star
27

CasperWNF

Simple UI for creating, subscribing, updating, querying, and fuzzing Windows WNF state names.
1
star