A demo is shown below where port 80 has the Gmail login page and port 81 has the Facebook login page. Now you can easily access the different sessions by appending the query parameter &port=80 or &port=81. The second TigerVNC session (port 5902) will be publicly accessible on port 81. The first TigerVNC session (port 5901) will be publicly accessible on port 80. Use vncserver -list to check which ports each session is using. I’ll be keeping it simple and launching 2 instances. The solution is quite simple and can be easily automated.įirst, launch X number of instances of TigerVNC. But what if you’d like to run a large phishing campaign and require several VNC instances? Remember, you cannot send the same link to different users since they’d be sharing the same VNC session. So far what I’ve shown you will get you a single phishing page running which is good enough if you’re planning on spear phishing. But if you’re too lazy to read it here’s a TLDR of the commands you need to run: After various tests I’ve opted to use TigerVNC and you should too as it’ll save you a headache later on. I tested two VNC software: TightVNC & TigerVNC. ![]() Step 2 - Install TigerVNCįirst we need to install a VNC software. I’ll be using Ubuntu 20.04 for this demo but of course it can be any other Linux flavour you’re comfortable with. Use any cloud service provider to deploy a Linux machine. NoVNC Setup & Demo Step 1 - Deploy an Ubuntu Instance
0 Comments
Leave a Reply. |