Weeman is a very simple http server python script. Weeman can create powerful phishing pages in localhost or same network. It work like other phishing framework, in simple words it takes username and password from users when they type username and password and the credentials grab by weeman and will show in terminal. In this tutorial we learn how to use weeman and make the phishing page working on internet on only in localhost.

Screenshot from 2019-07-10 21-08-00.png

Weeman is not comes with Kali Linux so, we need to clone this tool in our Kali Linux system from weeman's Github repository by using following command:
git clone https://github.com/evait-security/weeman

The screenshot of the command is following:

Screenshot from 2019-07-06 20-40-49.png

Then we need to go into the directory where weeman is downloaded, To do this we use following command:
cd weeman

Now we can run this tool by applying following command:
python weeman.py

The screenshot is following :

Screenshot from 2019-07-06 20-45-39.png

We can see that weeman is started successfully. Now we set the port by using the command:
set port 8080

Here we create a phishing page of facebook.com. So the command to set phishing page for facebook.com is following:
set url https://facebook.com

The screenshot is following:

Screenshot from 2019-07-06 20-49-37.png

Then we need to run the server using run command:

The screenshot is following:

Screenshot from 2019-07-06 20-57-42.png

In the above screenshot we can see that we can access the phishing page by typing localhost:8080 in browser's address bar, and we see that Facebook phishing page is ready in localhost. Check the following screenshot:

Screenshot from 2019-07-06 21-16-14.png

We can type our internal ip address in the place of localhost.

Done we did it but wait this is for localhost only that means this page is available for same network. Then how to forward this over internet ?

We will use SSH to forward our port that other network's devices can access our localhost. But how? Ngrok is not stable specially the free version. We use serveo.net.

Here in short (not discussing in depth) use following command in another terminal to forward our localhost :
ssh -R 80: serveo.net
ssh -R 80: localhost.run

Then we got a unique URL. Using this URL we can forward our localhost phishing page in internet. See the screenshot below:

Screenshot from 2019-07-10 20-47-59.png

Now we can catch victim from anywhere not only in local network. When user tries to log in from our link he will be trapped, and he will be forwarded to real Facebook. The credential will show in weeman's terminal as following:

Screenshot from 2019-07-10 20-55-41.png

Any question or problem ? Better suggestion ? Fell free to comment in the comment section below.

Like our tutorials ? show the support by shearing our tutorials with friends or recommend them our site.