Sunday, March 10, 2019

How To Install BlackEye | The Most Complete Phishing Tool

In maximum tools made for Linux environment for phishing purpose doesn't offer many options. They offer only the most 5-10 popular platforms to clone.

This can be not enough for some people who want to clone a website that is not so popular. If you go to build a phishing template for that site, it will take a lot of time. If you don't have enough time, you can give BlackEye a try. 

BlackEye is the most complete phishing tool with 32 web templates +1 customizable. You can give it a try if the tool has the option you need.

BlackEye is basically a shell script coded by @thelinuxchoice and an upgrade from the original ShellPhish tool. It is a simple script and no need to give an explanation for the script.

The best thing is it not only captures the credentials, but it also captures the IP details. Just give a look at how to install the script in Kali Linux.

Install BlackEye in Kali Linux

Fire up your Kali Linux Machine, open up the terminal and change the directory to the Desktop and clone/download the tool from Github.

cd Desktop/

Now change the directory to BlackEye folder. Here you can see a shell script named with blackeye.sh. If you are a root user, you must take root permission to run it. Don't worry, just follow the commands.

cd blackeye/
ls
chmod +x blackeye.sh
./blackeye
BlackEye | The Most Complete Phishing Tool with IP Details capturing Feature

Okay, you have successfully run the script. Now select the site you want to clone and hit enter. Now the tool will ask you to put the LAN IP address.
BlackEye | The Most Complete Phishing Tool with IP Details capturing Feature

Now you can share your Local IP address with the victim. Now the most important step is how you deliver it to the victim. You can Mask the IP address with URL shortener services. Also, you can use Emkei's Fake Mailer to send a spoofed E-mail.
BlackEye | The Most Complete Phishing Tool with IP Details capturing Feature

Note: The tool only works on LAN. AnonuD4y is working on modifying the script to integrate Ngrok with it so that it works over WAN but it has some issues with starting Ngrok. You can check out that version on Github. Also, You might know about Modlishka. A tool that can bypass two-factor authentication of websites including Google services. You don't need to clone templates. Modlishka works like a proxy between you and the server, that means the server runs live. This tool taking Phishing to the next level. To give it a try, check out the tutorial on Modlishka on our site.

Conclusion

In Social Engineering, hackers do not hack electronic devices. They hack human minds. You can't depend on the tools you use to do that. The tools play a side role only. It is completely up to you, how you hack into the victim's mind.

If we talk about the tool, it is an amazing tool. We are not talking about the web templates comes with it, we are talking about the extra two features we got to see. The first one is Ngrok and the second one is IP details. These two features make the tool amazing.

What's your opinion about this tool? tell us in the comment box below.

Comments 0

Thanks for visiting us. Please Do comment with a valid name. Don't comment as Unknown.
(Warning: Do not spam in the comment box. Repetitive comments will not be moderated.)
EmoticonEmoticon