credentialharvest

command

v1.1.0 Latest Latest Go to latest Published: Mar 8, 2024 License: GPL-3.0 Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/BuildAndDestroy/blackhat-go

Links

Open Source Insights

README ¶

Harvester example

Chapter 4 goes over an example of phishing web credentials. In this case, Roundcube.

Prerequisites

Roundcube docker image

docker pull robbertkl/roundcube

Source code

docker run --rm -it -p 80:80 robbertkl/roundcube

Visit http://127.0.0.1 using Chrome browser. Cntrl + s to save the website and all of it's js files. Name the file "index.html" and "Webpage,Complete. Your tree structure will look like below but make sure you put them in the public directory you will need to make:

$ tree 
.
└── public
   ├── index_files
   │   ├── app.js
   │   ├── common.js
   │   ├── jquery.min.js
   │   ├── jquery-ui.css
   │   ├── jquery-ui.min.js
   │   ├── jstz.min.js
   │   ├── roundcube_logo.png
   │   ├── styles.css
   │   └── ui.js
   └── index.html

Modify the form parameters to match your local server, not the 127 address, like so:

FROM   <form name="form" method="post" action="http://127.0.0.1/?_task=login">
TO     <form name="form" method="post" action="/login">

Send it

go run main.go

OR

go build -o keyloggertest && ./keyloggertest

A "credentials.txt" file will be created and store our creds and client information.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL