One of our friends in poly got hacked and had his private DBS credentials stolen. This was done by a man-in-the-middle attack from the hacker through a phishing website. Hence, we decided to replicate this attack to advocate for people to stay vigilant on the websites that they visit.
What it does
Steal your DBS user credentials.
How we built it
By setting up a DNS server, a spoofing network, and an Apache server which was coded to imitate the real DBS ibanking login page.
Challenges we ran into
1) Adding internet capabilities for the server. (But resolved eventually)
2) Issues integrating a while loop with Slack.
3) Unable to translate domain name to IP. (But resolved eventually)
Accomplishments that we're proud of
1) We managed to send the DBS user credentials to a Slack workplace.
2) We resolved two of the challenges that we were facing for quite some time.
3) The phishing site looks 99% like the real website.
What we learned
1) How to install and configure FreeRADIUS.
2) How to use the Slack API.
3) dnsmasq interferes with an external DNS server.
What's next for WhyFish?
1) We will implement a self-signed SSL certificate to make the website look even more realistic.
2) Implement a Bash script to continuously send the stolen DBS user credentials.