Weeman -- Phishing With http Server On Internet

Weeman is a very simple http server python script. Weeman can create powerful phishing pages in localhost or same network. It work like other phishing framework, in simple words it takes username and password from users when they type username and password and the credentials grab by weeman and will show in terminal. In this tutorial we learn how to use weeman and make the phishing page working on internet on only in localhost.

Weeman is not comes with Kali Linux so, we need to clone this tool in our Kali Linux system from weeman's Github repository by using following command:

git clone https://github.com/evait-security/weeman
The screenshot of the command is following:

weeman download

Then we need to go into the directory where weeman is downloaded, To do this we use following command:

cd weeman
Now we can run this tool by applying following command:

python weeman.py
The screenshot is following :

weeman home

We can see that weeman is started successfully. Now we set the port by using the command:

set port 8080
Here we create a phishing page of facebook.com. So the command to set phishing page for facebook.com is following:

set url https://facebook.com
The screenshot is following:

setting port and url

Then we need to run the server using run command:

The screenshot is following:

weeman phishing

In the above screenshot we can see that we can access the phishing page by typing localhost:8080 in browser's address bar, and we see that Facebook phishing page is ready in localhost. Check the following screenshot:

Facebook phishing page

We can type our internal ip address in the place of localhost.

Done we did it but wait this is for localhost only that means this page is available for same network. Then how to forward this over internet ?

We will use SSH to forward our port that other network's devices can access our localhost. But how? Ngrok is not stable specially the free version. We use serveo.net.

Our previous tutorial is about How to forward localhost on Internet, Read that by clicking here.

Here in short (not discussing in depth) use following command in another terminal to forward our localhost :

ssh -R 80: serveo.net

Then we got a unique URL. Using this URL we can forward our localhost phishing page in internet. See the screenshot below:

 Now we can catch victim from anywhere not only in local network. When user tries to log in from our link he will be trapped, and he will be forwarded to real Facebook. The credential will show in weeman's terminal as following:

For detailed information about port forwarding using SSH must read this tutorial.

This this tutorial is for educational purpose only. Hacking Facebook account is crime. If anyone do any illegal activity then we are not responsible for that.

Any question or problem ? Better suggestion ? Fell free to comment in the comment section below.
Like our tutorials ? show the support by shearing our tutorials with friends or recommend them our site.
Weeman -- Phishing With http Server On Internet Weeman -- Phishing With http Server On Internet Reviewed by Kali Linux on July 10, 2019 Rating: 5

No comments:

Powered by Blogger.