/smishing

Smishing is a python script that send SMS using Phishing Frenzy framework

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

Smishing

The Smishing purpose is to be able to track SMS Phishing message with the Phishing Frenzy project. When a victim click on the link in the SMS, it will be tracked in Phishing Frenzy. Smishing will send SMS to the list of target.

smishing

How to use smishing.py

First, you will need to create a smishing.conf file in the root smishing folder.

{
    "recovery": true,
    "savedRecoveryFileName": "recovery.list",
    "cost": 0.0075,
    "sleep": 2.0,
    "senderPhoneNumber": "",
    "useColor": true,
    "loggingLevel": "info",
    "loggingFileName": "sendtest.log",
    "savedVictimFileName": "victims.list",
    "TWILIO_AUTH_TOKEN": null,
    "TWILIO_ACCOUNT_SID": null
}

You will need to fill the following field (in quoted ""):

  • senderPhoneNumber
  • TWILIO_AUTH_TOKEN
  • TWILIO_ACCOUNT_SID

The message you want to send is in message.txt.

  • {firstname} correspond to the firstname of the victim
  • {lastname} correspond to the lastname of the victim
  • {uid} correspond to the Phishing Frenzy UID. You can use it like this: http://test.com/?uid={uid} in the SMS

Once the smishing.conf is filled, you will be introduced with the following menu:

python3 smishing.py

Screenshot from 2020-05-04 12-08-30

How to use phishingfrenzy.py

This script is just to convert the XML targets list from Phishing Frenzy to CSV format. Then, the Smishing script can import those targets.

python3 phishingfrenzy.py

usage: phishingfrenzy.py [-h] xml_file csv_file

positional arguments:
  xml_file    XML file from PhishingFrenzy that is usually called
              download_stats.xml.
  csv_file    Write to CSV file.

optional arguments:
  -h, --help  show this help message and exit