Information Gathering Password Attacks Web Application

Weeman – HTTP Server for Phishing

Weeman – HTTP server for phishing in python. Weeman has support for most of the (bigest) websites. Usually you will want run Weeman with DNS spoof attack. (see dsniff, ettercap).

Weeman will do the following steps:

  • Create fake html page.
  • Wait for clients
  • Grab the data (POST).
  • Try to login the client to the original page

 

Requirements:

  • Python <= 2.7.
  • Python BeautifulSoup 4

Install BeautifulSoup:

  • Archlinux
  • Ubuntu/Linuxmint
  • For another OS:

Platforms:

  • Linux (any)
  • Mac (Not tested)
  • Windows (Not tested)

Note: If weeman runs on your platform (Mac/Windows), please let the author know, or visit the official github.

Usage:
Just type help

Run server:
For port 80 you need to run Weeman as root!
Host to clone (Ex: www.social-networks.local):

“<“form action = “TAKE THIS URL”>”(View the site source and take the URL):

The port Weeman server will listen:

Start the server:

The settings will be saved for the next time you run weeman.py.

Get Weeman:

Credits to: Hypsurus

Download Weeman at Github

I started blogging around 2011 at #Ubuntupirates, #ProjectX and #pir8geek, I’m currently working as Network/Linux SysAdmin.

I’m a Linux,opensource advocate and interested in network security and InfoSec.

Leave a Reply