Thief Raccoon - Windows login phishing tool

Modify SEOmanagerenewUnfollow
•••

• Yesterday 1:52 AM
• Views: 17
• 
  
• Add Bookmark

Thief Raccoon is a tool designed for educational purposes to demonstrate how to conduct phishing attacks on various operating systems . The tool aims to raise awareness of cybersecurity threats and help users understand the importance of security measures such as 2FA and password management.

• Phishing simulations for Windows 10, Windows 11, Windows XP, Windows Server, Ubuntu, Ubuntu Server, and macOS.
• Capture user credentials for educational demonstrations.
• Customizable login screen that simulates a real operating system.
• Full screen mode enhances phishing simulation.

• Python 3.x
• pip (Python package installer)
• ngrok (for exposing local servers to the internet)

1. Clone the repository:

```bash git clone https://github.com/davenisc/thief_raccoon.git cd thief_raccoon

1. Install python venv

```bash apt install python 3.11-venv

1. Create venv:

```bash python -m venv raccoon_venv source raccoon_venv/bin/activate

1. Install the required libraries:

```bash pip install -r requirements.txt

usage

1. Run the main script:

```bash python app.py

1. Select the operating system for the phishing simulation:

After running the script, you will be presented with a menu to select an operating system. Enter the number that corresponds to the operating system you wish to emulate.

1. Visit the phishing page:

If you are on the same local network (LAN), open your web browser and navigate to http://127.0.0.1:5000.

If you want to make the phishing page accessible over the internet, use ngrok.

Using ngrok

1. Download and install ngrok

Download ngrok from ngrok.com and follow the installation instructions for your operating system.

1. Expose your local server to the internet:
2. Get the public URL:

After running the above command, ngrok will provide you with a public URL. Share this URL with your test subjects to access the phishing page over the internet.

How to Install Ngrok on Linux?

1. Install ngrok via Apt using the following command:

```bash curl -s https://ngrok-agent.s3.amazonaws.com/ngrok.asc \ | sudo tee /etc/apt/trusted.gpg.d/ngrok.asc >/dev/null \ && echo "deb https://ngrok-agent.s3.amazonaws.com buster main" \ | sudo tee /etc/apt/sources.list.d/ngrok.list \ && sudo apt update \ && sudo apt install ngrok

1. Run the following command to add your authtoken to the default ngrok.yml

```bash ngrok config add-authtoken xxxxxxxxx--your-token-xxxxxxxxxxxxxx

deploy your application online

1. Put your app online on a temporary domain and forward it to your upstream service. For example, if it is listening on port http://localhost:8080, run:
   
   ```bash ngrok http http://localhost:5000

example

1. Run the main script:

```bash python app.py

1. Select Windows 11 from the menu:

```bash Select the operating system for phishing: 1. Windows 10 2. Windows 11 3. Windows XP 4. Windows Server 5. Ubuntu 6. Ubuntu Server 7. macOS Enter a number of your choice: 2

1. Visit the phishing page:

Open a browser and go to http://127.0.0.1:5000 or the ngrok public URL.

Disclaimer

This tool is intended for educational purposes only. The author is not responsible for any misuse of this tool. Always get explicit permission from the system owner before doing any phishing testing.

License

This project is licensed under the MIT license. See the LICENSE file for more details.

Screenshots

Credits

Developer: @davenisc Website: https://davenisc.com

Download Thief_Raccoon