HiddenEye 0.2.7 ( adjusted for TinyPaw )

Discussion in 'Scripts & Commands' started by r1sen, 24 Jul 2019.

  1. r1sen

    r1sen Mod
    Staff Member Moderator Dev Team VIP

    Joined:
    22 Nov 2017
    Messages:
    356
    Likes Received:
    63
    HiddenEye advanced phishing framework

    What is it?

    "
    Modern Phishing Tool With Advanced Functionality

    PHISHING | KEYLOGGER | INFORMATION_COLLECTOR | ALL_IN_ONE_TOOL | SOCIALENGINEERING
    "

    Quoted from project github: https://github.com/DarkSecDevelopers/HiddenEye

    Tool definitely works, built, tested, modified in latest TinyPaw v1.3.1.1 release build. Some modifications were made to the Actions.py script to fix ASCII encode/decode issues. One was for displaying the script's mainMenu() function, which was simply replacing characters from the script that wouldn't display properly in the terminal. The others related to the open(' ') function used to read from or write into PHP or HTML files the script generates and modifies on the fly - the issue was fixed by declaring the encoding for Python to read/write with, which was done by adding encoding="utf-8" to the various lines calling the open('') function. See images below:

    Screenshot.png

    Screenshot-1.png

    This framework requires an internet device; it generates and runs a PHP "localhost" 127.0.0.1:1111 server and will generate live web available pages for testing. The same in theory could be accomplished using spoofing/poisoning/redirection MITM techniques - that is, if you are on the same local network as the testing box. Very straightforward command and menu structure and simple implementation. When prompted to input the redirection URL, simply use the URL of the legitimate page you have decided to phish with - i.e. a Facebook dummy page redirects to facebook.com, etc.

    If prompted to do so (you may only need to do this once):

    Open your terminal/cli from the HiddenEye-master dir and enter the following:

    cd Server/www/ && sudo php -S 127.0.0.1:1111 > /dev/null

    As stated above - tested and verified within TinyPaw_v1.3.1.1 only.

    HiddenEye adjusted available at:

    @sourceforge:

    tp-hiddeneye.zip

    @bitbucket:

    tp-hiddeneye.zip

    Required deps:

    @sourceforge:

    wget-3.2.tcz
    libssh2.tcz

    @bitbucket:

    wget-3.2.tcz

    libssh2.tcz

    Installation:

    1.) Download tp-hiddeneye.zip from either above repository.

    2.) Open your terminal/cli and enter the following:

    cd /home/tc/Downloads/

    unzip tp-hiddeneye.zip

    3.) Download both above required deps from either above repository.

    4.) Copy the downloaded deps *deps only* to your (*/tce/optional/) directory.

    5.) Open your onboot.lst file located in your (*/tce/) directory and make the following changes:

    -add line item: "wget-3.2.tcz"
    -add line item: "libssh2.tcz"

    6.) Save the changes you've made by either (file+save) or (ctrl+s) and close your editor.

    7.) Reboot your system for required deps to run at boot.

    8.) Upon reboot, open your terminal/cli and enter the following:

    cd /home/tc/Downloads/HiddenEye-master/

    sudo python3.6 HiddenEye.py

    9.) Please post any bugs. I am in the process of the next release build v1.4, so trying to make this clean, but it will be a default tool in next builds.

    Screenshot_TinyPaw_v1.3.1.1_2019-07-23_20:19:34.png
     
    #1 r1sen, 24 Jul 2019
    Last edited: 23 Mar 2020
  2. r1sen

    More on this:

    The fix for the open( '' ) function was caught and fixed for successful implementation of the keylogger.

    Also - unless the target box already has cached login credentials for the target site you are phishing with, you will likely enter test credentials into the phishing page only to be redirected to the official page to log in again. However, if the browser / device has been used to log in to the service before, then after entering credentials into the phishing test page you will transition to the official site.
     
  3. r1sen

    To note:

    If at all during runtime you encounter a blank phishing page or a PHP error message that there is already an instance running on port 1111, please open your terminal/cli and enter the following:

    sudo netstat -tlp

    *Make note of any pid running php - hint: it will display as listening on either 127.0.0.1:1111 or 0.0.0.0:1111

    Your process id in netstat should display as:

    #####/php

    Now that you know your pid/php, enter the following in your terminal/cli:

    kill #####

    This is only in the event you see an error that your php server on localhost is already running/listening.
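
Added example, not part of the original thread: the port check from the last post as a small script that reads `netstat -tlp` output and returns only the PID of a php process listening on port 1111, so nothing else gets killed by mistake. The function names and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# find_listener_pids PORT PROGRAM
# Reads `netstat -tlp` output on stdin and prints the PID of every TCP
# listener on PORT whose program name starts with PROGRAM.
# (Hypothetical helper name, written for this example.)
find_listener_pids() {
    awk -v port="$1" -v prog="$2" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            # Local address is host:port; the port is the last ":" field,
            # which also covers 0.0.0.0:1111 and IPv6 forms such as :::1111.
            n = split($4, addr, ":")
            if (addr[n] != port) next
            # Owner column is PID/program, or "-" when run without root.
            split($7, owner, "/")
            if (index(owner[2], prog) == 1) print owner[1]
        }'
}

# Constructed sample of `sudo netstat -tlp` output (not captured from a
# real system). Port 11110 and the sshd line must not match.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:1111          0.0.0.0:*               LISTEN      4321/php
tcp        0      0 127.0.0.1:11110         0.0.0.0:*               LISTEN      5000/php
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp6       0      0 :::8080                 :::*                    LISTEN      900/php
EOF
}

# Demonstration on the sample; on a live box, pipe `sudo netstat -tlp`
# into find_listener_pids instead of sample_netstat.
for pid in $(sample_netstat | find_listener_pids 1111 php); do
    echo "php already listening on port 1111 as PID $pid (stop it with: kill $pid)"
done
```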
     
