Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/secnnet/phishing-post


https://github.com/secnnet/phishing-post

anti-phishing-measures backdoored-form credentials-collector cybersecurity-awareness ethical-hacking login-backend phishing-script php-script user-data-collection web-security

Last synced: about 1 year ago
JSON representation

Awesome Lists containing this project

README 

          
# Phishing Script



PHP script for credential collection via a backdoored HTML form.



### Disclaimer:

For educational purposes only. Unauthorized use is illegal. Ensure proper authorization.



### Description:

Collects credentials from manipulated HTML forms. Features include logging, redirection, and handling of multiple password retries.



### Configuration:

1. Open `Phishing Post.php`.

2. Modify variables:

    - `$harvest_filename`: Data filename.

    - `$post_url`: Target post URL.

    - `$resend_post_data`: Resend data to redirect address?

    - `$redirect`: Redirection after data collection.

    - `$redirect_type`: Redirection type.

    - `$wrong_password_url`: "Wrong password" redirection URL.

    - `$password_retry`: Login attempts before redirection.

    - `$log_everyone`: Log all visitors?

    - `$log_format`: Logging format.

    - `$csv_separator`: CSV log separator.

    - `$show_meta_data`: Include metadata in logs?

    - `$exclude_visitors`: Exclude based on VISITOR_ID.



### Usage:

1. Configure as per above.

2. Upload `Phishing Post.php` to web server.

3. Create backdoored HTML form pointing to script.

4. Deploy or send form for phishing.



### Legal Notice:

Malicious or unauthorized use is prohibited. Author & OpenAI not liable for misuse. Adhere to all applicable laws & regulations.



### Support:

For questions, contact the script author or refer to the OpenAI community.



### License:

MIT