Ghost Phisher-GUI suite for phishing attacks for Fake DNS, DHCP and BLA, BLA, BLA...!
GUI suite for phishing attacks for Fake DNS, Fake DHCP, Fake HTTP, Credential Harvester. A similar tool which we have discussed imposter here. ghost-phisher is updated and has many latest tool included.
Ghost Phisher is a computer security application that comes inbuilt with a Fake DNS Server, Fake DHCP Server, Fake HTTP server and also has an integrated area for automatic capture and logging of HTTP form method credentials to a database. The program could be used as an honeypot, could be used to service DHCP request , DNS requests or phishing attacks
Requirements:
- python,
- python-qt4,
- dhcp3-server,
- ettercap-gtk
Currently supports debian, ubuntu systems only.
To install simply run the following command in terminal after changing directory to the path were the downloaded package is:
root@host:~# dpkg -i Ghost-Phisher_1.2_all.deb
Click here to view video tutorial for ghost-phisher
Icons and Running the application:
Software Icons can be found at the application Menu of the GNOME desktop interfaces
Icon can also be found at /usr/share/applications for KDE and also GNOME:
There you find “Ghost Phisher.desktop”
Download Ghost Phisher v1.2 here
@firebitsbr
Re: Ghost Phisher-GUI suite for phishing attacks for Fake DNS, DHCP and BLA, BLA, BLA
Excellent TOOL!
One question i had though.....
Is it possible to duplicate secure cookies, by using your software?
What i mean by secure cookies is....... some online banking sites (HTTPS), store a secure cookie on your computer so that the next time you visit their site... they won't ask you security questions to verify your identity.
Now sslstrip & ettercap along with fake AP tools can get the login / pass. But is there a way to capture the secure cookie... so that it can be placed or emulated and sent back to the site when it requests it... that way avoid answering security questions for login?
Thanks in advance!
PS: I don't wish to break into anything or do anything illegal.... this is strictly for educational purposes.
Re: Ghost Phisher-GUI suite for phishing attacks for Fake DNS, DHCP and BLA, BLA, BLA
I cant seem to run it... why?
Re: Ghost Phisher-GUI suite for phishing attacks for Fake DNS, DHCP and BLA, BLA, BLA
HELP!
I try start Fake DHCP server, but ---->
Internet Systems Consortium DHCP Server V3.1.3
Copyright 2004-2009 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Can't open /tmp/ghost_dhcpd.conf: Permission denied
ghost_dhcpd.conf file permissions not preserved.
Re: Ghost Phisher-GUI suite for phishing attacks for Fake DNS, DHCP and BLA, BLA, BLA
I believe the dhcpd.conf files needs to be in the /etc/ directory.. try this:
Code:
cp /tmp/ghost_dhcpd.conf /etc/dhcp3/ghost_dhcpd.conf
then make sure the script calls the ghost conf file from the /etc/dhcp3 directory.. should work then!
*Note to developers. you may want to change this in the script itself to avoid further issues for people. To solve the above issue, line 41 & 42 of ghost_phisher.py might be changed to:
dhcp_config_file = "/etc/dhcp3/ghost_dhcpd.conf"
dhcp_pid_file = "/etc/dhcp3/ghost_dhcpd.pid"
Hope that helps!
Re: Ghost Phisher-GUI suite for phishing attacks for Fake DNS, DHCP and BLA, BLA, BLA
@croc80
Did you run the application as root? :) , if not, then what version of ghost are you using?..
@J0hnnyb14z3
The program is set not to use the conf settings file in the /etc/ directory but the created one at /tmp/ - This is to avoid modifying the default dhcpd server set variables , but Note taken ill be sure to make the program more flexible in this aspect, Thanks Dude :)
