7MS #583: Cred-Capturing Phishing with Caddy Server
7 Minute Security4 Aug 2023

7MS #583: Cred-Capturing Phishing with Caddy Server

Today we talk about crafting cool cred-capturing phishing campaigns with Caddy server! Here's a quick set of install commands for Ubuntu:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list sudo apt update sudo apt install caddy -y

Create an empty directory for your new site, and then create a file called Caddyfile. If all you want is a simple static site (and you've already pointed DNS for yourdomain.com to your Ubuntu droplet, just put the domain name in the Caddyfile:

domain.com

Then type sudo caddy run - and that's it! You'll serve up a blank site with lovely HTTPS goodness! If you want to get more fancy, make a index.html with a basic phishing portal:














User Name:

Password:



Unauthorized use is prohibited!

This will now be served when you visit domain.com. However, Caddy doesn't (to my knowledge) have a way to handle POST requests. In other words, it doesn't have the ability to log usernames and passwords people put in your phishing portal. One of our pals from Slack asked ChatGPT about it and was offered this separate Python code to run as a POST catcher:

from flask import Flask, request app = Flask(__name__) @app.route('/capture', methods=['POST']) def capture(): print(request.form) return 'OK', 200 if __name__ == '__main__': app.run(host='0.0.0.0', port=5000)

If you don't have Flask installed, do this:

sudo apt install python3-pip -y sudo pip install Flask

Run this file in one session, then in your index.html file make a small tweak in the form action directive:

Try sending creds through your phishing portal again, and you will see they are now logged in your Python POST catcher!

Avsnitt(682)

7MS #34: The Hacker Playbook (audio)

7MS #34: The Hacker Playbook (audio)

I found a great bit of reading that walks you through the “plays” of hacking – enumeration, exploitation, post-exploitation, etc. It’s a great (and affordable) book called The Hacker Playbook. Cheggitowt! Download: 7MS #34: The Hacker Playbook (audio)

14 Nov 20147min

7MS #33: ProXPN (audio)

7MS #33: ProXPN (audio)

This episode’s all about a cool product called ProXPN that I use to encrypt/anonymize my traffic for various reasons. Not a sponsored episode or anything like that, but I am a fan of this service :-). Download: 7MS #33: ProXPN (audio)

7 Nov 20147min

7MS #32: OSCP – part 3 (audio)

7MS #32: OSCP – part 3 (audio)

Been a while since I shared an update on OSCP progress. It’s going good but…slow. However, I do have one (maybe obvious) tip to share that I hope will save you a ton of time. Download: 7MS #32: OSCP – part 3 (audio)

1 Nov 20147min

7MS #31: Network Detective (audio)

7MS #31: Network Detective (audio)

Network Detective is a tool we’ve been using as kind of an addendum to our full security assessment. It gives some nice, plain-English Excel spreadsheets and Word docs that report on AD health and structure, PC inventory and open ports, AV clients that aren’t working right, and a whole lot more. Download: 7MS #31: Network Detective…

25 Okt 20147min

7MS #30: Managing Privileged Accounts (audio)

7MS #30: Managing Privileged Accounts (audio)

Most organizations I talk to have no idea where their privileged accounts are used across the network. I recently saw a demo of a solution called CyberArk, which seems to address that problem. Download: 7MS #30: Managing Privileged Accounts (audio)

18 Okt 20147min

7MS #29: Follow Up Then (audio)

7MS #29: Follow Up Then (audio)

This isn’t necessarily related to security, but it’s about one of my favorite tools to keep my todos organized: FollowUp Then! Download: 7MS #29: Follow Up Then (audio)

11 Okt 20147min

7MS #28: Infosec for Kids? (audio)

7MS #28: Infosec for Kids? (audio)

This is more of a random, wondering aloud type of episode as I think about raising my kids with infosec in mind. Specifically, what’s life going to be like for them growing up in an Internet-soaked world where there are constantly text/video/photos of them going online – to stay forever? Download: 7MS #28: Infosec for Kids?…

27 Sep 20147min

7MS #27: Backing Up with CrashPlan (audio)

7MS #27: Backing Up with CrashPlan (audio)

Hey, when it comes to backups…uh…you should have them! This is a NON-endorsed/sponsored episode about my personal favorite backup service called CrashPlan. Download: 7MS #27: Backing Up with Crashplan (audio)

20 Sep 20147min

Populärt inom Politik & nyheter

p3-krim
flashback-forever
svd-dokumentara-berattelser-2
rss-viva-fotboll
olyckan-inifran
rss-vad-fan-hande
svenska-fall
aftonbladet-daily
rss-sanning-konsekvens
fordomspodden
motiv
krimmagasinet
blenda-2
rss-krimstad
dagens-eko
rss-frandfors-horna
spar
rss-expressen-dok
spotlight
svd-nyhetsartiklar