How to use ShellPhish in mobile phone – Advance Phishing tool

In the previous tutorial we talk about how to install and how to do basic penetration testing using termux. Today we are going to use another tool with advance knowledge. Before the use this tool, I want to say “This tutorial is education purpose only. Don’t misuse it SecDevil will not hold any responsibility.” Ok, now we start our tutorial.

If you don’t know about “How to install termux? Or what are the basic codes is termux?” watch our previous tutorial from this link.

Mobile phone Ethical Hacking & Penetration Testing platform (Termux)

Frist of all I also introduced what is this Shellphish tool?

This tool is also include in kali-linux. This is advanced phishing tool for worldwide users.

What happened is this tool?

In this tool we never want any programming knowledge to develop phishing tool. After we choose which website we want to phishing its automatically generate a phishing page. After we send link to victim, he/she should be logged into this script. If he/she logged in we automatically receive their email and password. Not only that we actually can find victim IP address by this script. (its most helpful for spoofing.) Now we start to learn how to build a phishing page using Shellphish.

First open termux app and then insert following codes.

‘apt update’ – type and press enter.

‘apt upgrade’

‘pkg update’

After input ‘pkg update’ its ask (y/n) while the process. Type ‘y’ and hit Enter. Like that type lower commands and if its ask (y/n) type ‘y’ and hit Enter.

pkg install python2

Pkg install curl

Pkg install openssh

apt-get install git

apt-get install php

apt-get install wget

Then we need to download file from github. Use this code and press Enter.

git clone https://github.com/thelinuxchoice/shellphish

(Now we use ls command, be careful it’s not an i) now enter these commands and hit enter.

cd shellphish

ls

chmod+x*

ls

bash shellphish.sh

ls

Now tool is working fine. We need to choose one website for build phishing script. I will choose facebook as example. Now type ‘2’ and hit enter again.

Now we need to host these files. Normally people use ngrok for this. But it’s not suitable for phishing scripts. We already installed ssh in previous commands. Let’s use it for this. Type ‘1’ and hit enter.

It’s take some time for the process. After build it you can see “send this link to victim” message.

After he/she logged into script you can see all details of victim.

FAQ

Q – I have some problem to install this. (How to install basic tools in Termux?)

A – Try again with these codes. If you can’t solve that problem comment here or Google it.

Q – Why I can’t see any link “send this link to victim” section?

A – Because of this tool needs root permission. Root your mobile device or wait for learn how to install root access need tools in Termux without root your device.

Q – Is this safe?

A – 100% yes. This is a one of the mostly safe method among other ways.

Q – Can I contact you?

A – Yes, Using our community forum or contact me on social media.

Q – Can we build phishing page for other website? A – Yes, but without using this script. You can make your own script for that.

2 thoughts on “How to use ShellPhish in mobile phone – Advance Phishing tool

  1. ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/data/data/com.termux/files/usr/tmp/mysqld.sock’ (2) site:github.com
    Solution Please

Leave a Reply

Your email address will not be published. Required fields are marked *