Jackmeister's Playbook
Phishing

Make sure to check which mail server the target is using first

Outlook Login Pages

https://github.com/Octagon-simon/microsoft-login-clone

https://github.com/JoniRinta-Kahila/microsoft-login-spoof/blob/main/HTML%26JS-only/index.html

Setup Landing Page (Cover Page)

  • Remove any JavaScript

  • Remove all forms

  • Add "Welcome, Continue Sign in as" <span id="gf-user"></span>, where gf-user is taken from the email link

  • Add onclick="redirected()" to the "sign in" button

Add js script

    <script>
      function onWindowLoad() {
        const urlParams = new URLSearchParams(window.location.search);
        const email = urlParams.get('email');
        const destination = urlParams.get('url');
        var xhr = new XMLHttpRequest();
        xhr.open('GET', destination, true);
        xhr.send();
        fetch(destination);
        var outputCdc = document.getElementById("gf-user");
        outputCdc.innerText = `${email}`;
      }
      window.onload = onWindowLoad;

      function redirected() {
        const urlParams = new URLSearchParams(window.location.search);
        const destination = urlParams.get('url');
        const email = urlParams.get('email');
        const emailb = btoa(email);
        if (destination) {
          window.location.href = destination + "&key=" + emailb;
        } else {
          window.location.href = 'defaultPage.html';
        }
      }
    </script>

Setup Login Page (Credential Harvesting Page)

Add js script

    <script>
      window.onload = function() {
        const urlParams = new URLSearchParams(window.location.search);
        const emailb = urlParams.get('key');
        const email = atob(emailb);
        const inpele2 = document.getElementById('emailkau');
        const inpele3 = document.getElementById('displayName');
        inpele2.value = email;
        inpele3.textContent = email;
      };
    </script>

Remember to replace any value with "emailkau" so the email is shown when the page loads
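
For defenders, the two pages above leave a recognisable URL trail: a landing link carrying both `email` and `url` parameters, then a request whose `key` parameter is the base64 of the recipient address. The following Node.js check is an added example (not part of the original playbook) that flags both shapes in proxy or mail-gateway URLs; the function names, sample URLs and example.* hostnames are constructed for illustration.

```javascript
// Added example: flag URLs matching the landing-page and login-page
// parameter patterns described above. All sample URLs are constructed.
const EMAIL_RE = /^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$/;
const B64_RE = /^[A-Za-z0-9+\/]+={0,2}$/;

// Decode a value as base64 and return it only if it is an email address.
function decodeEmail(value) {
  // URLSearchParams turns a literal "+" into a space; undo that first.
  const v = value.replace(/ /g, "+");
  if (v.length < 8 || !B64_RE.test(v)) return null;
  const text = Buffer.from(v, "base64").toString("utf8");
  return EMAIL_RE.test(text) ? text : null;
}

// Return a list of findings for one URL (empty list = nothing matched).
function inspectUrl(raw) {
  let u;
  try { u = new URL(raw); } catch { return []; }
  const findings = [];
  const p = u.searchParams;
  // Pattern 1: recipient address and a redirect target in the same link.
  const email = p.get("email");
  const dest = p.get("url");
  if (email && dest && EMAIL_RE.test(email)) {
    let destHost = null;
    try { destHost = new URL(dest).hostname; } catch { /* relative target */ }
    findings.push({ rule: "email+redirect", email, destHost });
  }
  // Pattern 2: any parameter whose value is a base64-encoded address.
  for (const [name, value] of p) {
    const decoded = decodeEmail(value);
    if (decoded) findings.push({ rule: "base64-email", param: name, email: decoded });
  }
  return findings;
}

// Constructed sample log entries (example.* hosts are placeholders).
const samples = [
  "https://landing.example.net/index.html?email=alice%40corp.example&url=https%3A%2F%2Flogin.example.org%2Fsignin%3Fid%3D1",
  "https://login.example.org/signin?id=1&key=YWxpY2VAY29ycC5leGFtcGxl",
  "https://www.example.com/search?q=quarterly+report&page=2",
];
for (const s of samples) console.log(s.slice(0, 50), JSON.stringify(inspectUrl(s)));
```

Pattern 2 also fires on legitimate links that carry an encoded address (some unsubscribe links, for instance), so treat it as a triage signal and weigh it together with the destination host.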


Last updated 1 year ago
