Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home News

Evil QR – Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice

admin by admin
August 24, 2023
in News




Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing.

It consists of a browser extension used by the attacker to extract the sign-in QR code and a server application, which retrieves the sign-in QR codes to display them on the hosted phishing pages.

Watch the demo video:

Read more about it on my blog: https://breakdev.org/evilqr-phishing

Configuration

The parameters used by Evil QR are hardcoded into extension and server source code, so it is important to change them to use custom values, before you build and deploy the toolkit.

parameter description default value
API_TOKEN API token used to authenticate with REST API endpoints hosted on the server 00000000-0000-0000-0000-000000000000
QRCODE_ID QR code ID used to bind the extracted QR code with the one displayed on the phishing page 11111111-1111-1111-1111-111111111111
BIND_ADDRESS IP address with port the HTTP server will be listening on 127.0.0.1:35000
API_URL External URL pointing to the server, where the phishing page will be hosted http://127.0.0.1:35000

Here are all the places in the source code, where the values should be modified:

server/core/config.go:

server/templates/index.html:

extension/background.js:

Installation

Extension

You can load the extension in Chrome, through Load unpacked feature: https://developer.chrome.com/docs/extensions/mv3/getstarted/development-basics/#load-unpacked

Once the extension is installed, make sure to pin its icon in Chrome’s extension toolbar, so that the icon is always visible.

Server

Make sure you have Go installed version at least 1.20.

To build go to /server directory and run the command:

Windows:

Linux:

chmod 700 build.sh
./build.sh

Built server binaries will be placed in the ./build/ directory.

Usage

  1. Run the server by running the built server binary: ./server/build/evilqr-server
  2. Open any of the supported websites in your Chrome browser, with installed Evil QR extension:
https://discord.com/login
https://web.telegram.org/k/
https://whatsapp.com
https://store.steampowered.com/login/
https://accounts.binance.com/en/login
https://www.tiktok.com/login
  1. Make sure the sign-in QR code is visible and click the Evil QR extension icon in the toolbar. If the QR code is recognized, the icon should light up with colors.
  2. Open the server’s phishing page URL: http://127.0.0.1:35000 (default)

License

Evil QR is made by Kuba Gretzky (@mrgretzky) and it’s released under MIT license.





Source link

Tags: cybersecurityethical hackinghack androidhack apphack wordpresshacker newshackinghacking tools for windowskeyloggerkitkitploitpassword brute forcepenetration testingpentestpentest androidpentest linuxpentest toolkitpentest toolsspy tool kitspywaretools
Previous Post

Block ads on all your devices using pfSense, Squid & SquidGuard

 Next Post

Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware
Next Post

Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware

Recommended

Graphical Interface For PortEx, A Portable Executable And Malware Analysis Library

6 months ago

New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints

2 weeks ago

© Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.