/Okta_Watering_Hole

Next Generation Phishing Tool For Internal / Red Teams

Primary LanguagePython

Okta Watering Hole

Authors: Alex Bainbridge, Robert Leonard

Okta Watering Hole is an automated tool for setting up an advanced Okta phishing campaign.

It supports a variety of options and should work out of the box to man in the middle all non-U2F 2FA factors. (If a given user has a U2F factor, they are prevented from using it on this phishing site)

Two servers will be created and running, as well as several supporting threads. Reserved ports are 443 and 4158 or (phish), if desired the port can be changed in the source.

*Note - The sessions thread can take a few minutes to quit due to the sleep timer

Usage

Usage: Okta_Phishing_Setup.py [options] target_okta_url replace_okta_url cert.pem key.pem

ex. Okta_Phishing_Setup.py -q https://praetorianlabs.okta.com http://myphish.okta.com cert.pem key.pem

Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  -q, --quiet           don't print status messages to stdout
  -o LOG_FILE, --out-file=LOG_FILE
                        destination of log file for writing setup logs
  -g GO_PHISH, --go-phish=GO_PHISH
                        location of gophish listener
  -p PAYLOAD, --payload=PAYLOAD
                        location of payload to download to users desktop.
                        Named 'okta_web_update'
  -x EXTENSION, --extension=EXTENSION
                        extension for payload option. Default: 'exe
  -c CONTENT_TYPE, --content-type=CONTENT_TYPE
                        content type for payload. Default: 'application/octet-
                        stream'

Screen Caps

alt text

alt text

alt text

alt text