Usually you will want to run Weeman with DNS spoof attack. (see dsniff, ettercap).
Weeman will do the following steps:
- Create fake html page.
- Wait for clients
- Grab the data (POST).
- Try to login the client to the original page
Requirements
- Python <= 2.7.
- Python BeautifulSoup 4
Install Beautiful Soup
- Archlinux – sudo pacman -S python2-beautifulsoup4
- Ubuntu/Linuxmint – sudo apt-get install python-bs4
- Fedora < 22 – sudo yum install python-beautifulsoup4
- Fedora >= 22 – sudo dnf install python-beautifulsoup4
- For another OS: – sudo pip install beautifulsoup4
Platforms
- Linux (any)
- Mac (Tested)
- Windows (Not tested)
[!] If weeman runs on your platform (Windows), (or not), please let me know.
Usage
Just type help
Run server:
- For port 80 you need to run Weeman as root!
- Host to clone (Ex: www.social-networks.local)
set url http://www.social-networks.local
- “<“form action = “TAKE THIS URL”>”(View the site source and take the URL)
set action_url http://www.social-networks.local/sendlogin
- The port Weeman server will listen
set port 2020
- Start the server
run
The settings will be saved for the next time you run weeman.py.
Get Weeman
git clone git://github.com/Hypsurus/weeman