Phishing Frenzy – Ruby on Rails Phishing Framework

Phishing Frenzy is an Open Source Ruby on Rails application that is leveraged by penetration testers to manage email phishing campaigns.

The goal of the project is to streamline the phishing process while still providing clients the best realistic phishing campaign possible.

Also ReadCangibrina – A Fast & Powerfull Dashboard (admin) Finder

Installing Phishing Frenzy on Kali Linux

Clone Repo

Clone the Phishing Frenzy repository using git

# git clone https://github.com/pentestgeek/phishing-frenzy.git /var/www/phishing-frenzy

Install RVM, Ruby and Packages

$ \curl -sSL https://get.rvm.io | bash

At the end of the installation listen to any post install instructions for RVM

Install Ruby 2.1 with RVM

$ rvm install 2.1.5

Install rails

# rvm all do gem install --no-rdoc --no-ri rails

Install mod_passenger for Apache

# rvm all do gem install --no-rdoc --no-ri passenger

Install Passenger

Invoke the passenger installation script

# passenger-install-apache2-module

Installer stated that I was missing a few apache dependencies

# apt-get install apache2-threaded-dev libapr1-dev libaprutil1-dev libcurl4-openssl-dev

Invoke passenger installation script again now that dependencies are installed. Once the Passenger install has completed, ensure you pay attention to the notes and the end. You will need to add 3 lines of text to your /etc/apache2/apache.conf file.

# passenger-install-apache2-module

Install packages we need for MySQL to bundle properly

# apt-get install libmysqlclient-dev

Apache VHOST Configuration

Add Include Statement to apache2.conf and create the file /etc/apache2/pf.conf

Include pf.conf

Add content to pf.conf file

<IfModule mod_passenger.c>
PassengerRoot %ROOT
PassengerRuby %RUBY
</IfModule>

<VirtualHost *:80>
ServerName phishing-frenzy.com
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /var/www/phishing-frenzy/public
RailsEnv development
<Directory /var/www/phishing-frenzy/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>

Uncomment out the line # NameVirtualHost *:443 inside of /etc/apache2/ports.conf to allow SSL Phishing sites to render properly

MySQL

Ensure mysql is running

# service mysql start

Login and create tables and permissions for phishing frenzy development mode

# mysql -u root -p
mysql> create database pf_dev;
mysql> grant all privileges on pf_dev.* to 'pf_dev'@'localhost' identified by 'password';

Install Required Gems

# cd /var/www/phishing-frenzy/

# bundle install

If your web application fails to run because it states your missing a gem, you may need to run

# bundle install --deployment

# rake db:migrate

# rake db:seed

Install Redis

# wget http://download.redis.io/releases/redis-stable.tar.gz

# tar xzf redis-stable.tar.gz

# cd redis-x.x.x/

# make

# make install

# cd utils/

# ./install_server.sh

If you would like to bind redis to the loopback interface checkout redis documentation for more details

Sidekiq Configuration

Create a tmp directory for sidekiq pid

# mkdir -p /var/www/phishing-frenzy/tmp/pids

Start the sidekiq server to interact with redis

# bundle exec sidekiq -C config/sidekiq.yml

System Configuration

Edit the sudoers file to ensure the www-data account can reload apache

www-data ALL=(ALL) NOPASSWD: /etc/init.d/apache2 reload

Load the Efax and Intel default templates for PF using the rake helper

# rake templates:load

Change ownership of phishing-frenzy directory so apache has proper access

# chown -R www-data:www-data /var/www/phishing-frenzy/

Change permissions on the upload directory

# chmod -R 755 /var/www/phishing-frenzy/public/uploads/

Change ownership of sites-enabled directory to allow Phishing Frenzy to manage virtual hosts with Apache

# chown -R www-data:www-data /etc/apache2/sites-enabled/
# chmod -R 755 /etc/apache2/sites-enabled/

Start Apache web server

# apachectl start

Phishing Frenzy is configured with a default login of:

username: admin
password: Funt1me!

Configure HTTPS / SSL

If you would like to run your Phishing Frenzy web UI over HTTPS you can do that with a few additional changes.

Run a few commands to enable the SSL module in apache and create a directory to store the cert and key.

$ sudo a2enmod ssl

$ sudo service apache2 restart

$ sudo mkdir /etc/apache2/ssl

Create our self signed cert using openssl

$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/pf.key -out /etc/apache2/ssl/pf.crt

<IfModule mod_passenger.c>
PassengerRoot %ROOT
PassengerRuby %RUBY
</IfModule>

<VirtualHost *:443>
ServerName phishing-frenzy.com

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/pf.crt
SSLCertificateKeyFile /etc/apache2/ssl/pf.key

# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /var/www/phishing-frenzy/public
RailsEnv development
<Directory /var/www/phishing-frenzy/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>

Update the Application Site URL within Global Settings menu to the appropriate FQDN with the HTTPS address with SSL enabled.

Credit: Brandon zeknox McCann