
Published on August 13th, 2012 | by NJ Ouchn


Blackhat Arsenal 2012 Releases: Ice-Hole Phishing Awareness email program v0.3 available

Ice-Hole is a phishing awareness email program. It is designed to help security analysts and system administrators track and test end users. The tool can be used in conjunction with various third-party software such as SET, Java keystroke loggers and the BeEF framework to create real-life social engineering attacks. Ice-Hole can also be used with training websites, not only to capture when a user clicks on a link, but also to register when their training has been completed. It is a simple email phishing tool that can be expanded upon in multiple ways.

Darren during the Interview Session at Blackhat Arsenal 2012

To start Ice-Hole, run the run_training.bat file.

This brings up the main screen. The first step is to configure the SMTP settings by clicking the Configure SMTP button. Type in the IP address or hostname of the server and add the authentication details if required. (TLS/SSL is currently under development, so it is hit and miss whether it works right now.) You can click TEST to test the settings or Save to save the file. Once saved, you can load a prefilled phishing template. Currently there is only one, but more will be added. You can fill in the From, To and Subject lines.

Before you send the email, click the Start button to start the listener. Once the listener has started, hit the Send button and the emails will be sent out. Now all you have to do is wait for a user to click on the link.

The hyperlink should point to:

http://<ipaddress>:4444/training1.html

The training document can be edited with Dreamweaver or similar tools, but the templates must be saved while in Ice-Hole.

The IP address is the IP address of the system that Ice-Hole is running on. The listener port can be altered in the mail.properties file.

A user receives the email. When the user clicks on the link, instead of something malicious happening to them, they are redirected to a training page: a short HTML document that will, in time, become a training video/session. At the same time, their IP address, their email address and the template that was clicked on are registered. Once they have completed the training session they can click End, and the training will have been logged by the software.

Once they have completed the training, a completion page pops up and the time at which the training was completed is registered.
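A minimal sketch of the click and completion logging described above, added here as an example and not Ice-Hole's own code. The `id` token in the link, the `/complete` path and the sample recipients are assumptions, since the page does not say how Ice-Hole ties a click to an email address.

```python
# Added example: not Ice-Hole's code. Token scheme and /complete path are assumptions.
from datetime import datetime, timezone
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlparse, parse_qs

# Constructed sample data: opaque token -> recipient, filled in when the emails are sent.
RECIPIENTS = {"a1b2": "alice@example.com", "c3d4": "bob@example.com"}
TEMPLATES = {"/training1.html": "training1"}
EVENTS = []  # one dict per click; "completed" is set when the user ends the session


def handle(path, client_ip, now=None):
    """Return (status, body) for a request and record click/completion events."""
    now = now or datetime.now(timezone.utc)
    url = urlparse(path)
    token = parse_qs(url.query).get("id", [""])[0]
    email = RECIPIENTS.get(token)
    if email is None:
        return 404, "unknown recipient"          # never log unrecognised tokens as users
    if url.path in TEMPLATES:
        EVENTS.append({"email": email, "ip": client_ip, "template": TEMPLATES[url.path],
                       "clicked": now, "completed": None})
        return 200, f'<p>This was a phishing test.</p><a href="/complete?id={token}">End</a>'
    if url.path == "/complete":
        for ev in reversed(EVENTS):              # close the most recent open click
            if ev["email"] == email and ev["completed"] is None:
                ev["completed"] = now
                return 200, "<p>Training completed.</p>"
        return 409, "no open training session"   # completion without a prior click
    return 404, "not found"


class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        status, body = handle(self.path, self.client_address[0])
        self.send_response(status)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.end_headers()
        self.wfile.write(body.encode())


if __name__ == "__main__":
    HTTPServer(("0.0.0.0", 4444), Handler).serve_forever()  # port 4444 as on the page
```

Users with a click but no `completed` timestamp in `EVENTS` are the ones who still need follow-up training.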
