Introduction
For security professionals, the URL is usually the most trusted aspect of a domain. Yes there’s attacks like IDN Homograph and DNS Hijacking that may degrade the reliability of URLs but not to an extent that makes URLs unreliable.
All of this eventually lead me to think, is it possible to make the “Check the URL” advice less reliable? After a week of brainstorming I decided that the answer is yes.
BITB
Browser templates for Browser In The Browser (BITB) attack.
More information: https://mrd0x.com/browser-in-the-browser-phishing-attack/
Usage
Each folder has a index.html
file which has 4 variables that must be modified:
- XX-TITLE-XX - The title that shows up for the page (e.g. Sign in to your account now)
- XX-DOMAIN-NAME-XX - Domain name you're masquerading as. (e.g. gmail.com)
- XX-DOMAIN-PATH-XX - Domain path (e.g. /auth/google/login)
- XX-PHISHING-LINK-XX - Phishing link which will be embedded into the iFrame (e.g. https://example.com)
Furthermore, if you're using a Windows template you should update the logo.svg
which is the icon of the website you're masquerading as. The default logo is Microsoft.
Github : https://github.com/mrd0x/BITB
*Beware click the link!