Storm breaker is a social engineering tool that can be used to access the location, webcam, microphone, and Os Password Grabber Using Ngrok Link.
Features:
- It can get device information.
- It can provide location.
- Fetch Os Password.
- It can access Webcam.
- It can access the microphone.
Requirements:
Installation:
First clone the tool from the GitHub repository, by:
git clone https://github.com/ultrasecurity/Storm-Breaker
Fig 1: Cloning tool from GitHub repo.
Change the directory.
cd Storm-Breaker
Now we need to see whether the Linux-installer.sh has executable permissions or not. Enter the following command:
ls-la
Fig 2: Linux-installer.sh doesn;t have executable permission.
Give executable permission to linux-installer.sh by:
chmod +x linux-installer.sh
Check whether it gets executable permission or not.
Fig 3: Executable permission given.
Now run the following command:
./linux-installer.sh
Fig 4: Reading package lists.
Install the required requirements by the following command:
pip3 install -r requirements.txt
Fig 5: Installing the requirements.
Also, we need to give executable permission to Storm-Breaker.py.
chmod +x Storm-Breaker.py
Fig 6: Executable permission given to Storm-Breaker.py.
Usage:
Run the tool with the command given below:
python3 Storm-Breaker.py
Storm-Breaker options:
Storm-Breaker mainly provides 6 options.
Fig 7: Storm-Breaker options.
Access webcam:
To access the webcam of the target, type 1 and hit enter. Now choose the required option according to your wish.
Fig 8: Options under webcam.
It generates two links, 1st to worldwide and 2nd to local hosts. Send this link to the target.
Fig 9: Send this link to the target.
Target click on the link and give permission to use the camera.
Fig 10: Simple webpage for Target.
As soon as the target clicks on the camera button, the page shown below will pop up and we will have his image and device info.
Fig 11: Page to confuse Target.
We can see in the picture shown below that now we have the target’s device info and his images, which are saved automatically in the images folder.
Fig 12: Target’s device info and images.
Access Location:
To access the location, type 2 and hit enter. Again, type 2 and hit enter.
Fig 13: Options under Location.
It generates two links, 1st to the worldwide and 2nd to localhost. Send the link in the image shown below to the target to get his location.
Fig 14: Send the link to the target.
The target is shown a simple web page when he accesses the link.
Fig 15: Simple web page to show targets..
When he clicks on the change location button, an alert is generated showing.
Fig 16: Alert generated.
And just like that, we receive the link to see his location.
Fig 17: Target location is received.
Open this link in your web browser.
Fig 18: Target’s location.
OS password grabber:
To get the target’s OS password, type 1 and hit enter.
Fig 19: OS Password Grabber.
It generates two links, 1st to worldwide and 2nd to local hosts. Send this link to the target shown below.
Fig 20: Target link.
When the target accesses this link, the password screen is prompt to enter his password.
Fig 21: Target enter OS password.
As soon as he enters the password and hits enter, he is redirected to a web page.
Fig 22: Redirected to Youtube web page.
And boom, we get his OS password.
Fig 23: Target’s OS password.
So, Strome breaker is a social engineering tool that can be used to access the location, webcam, microphone, and Os Password Grabber Using Ngrok Link. It can be very useful for cyber professionals who are red team members or for police cyber cells to lure their victim into giving his location, OS password, etc.
Like Article
Suggest improvement
Share your thoughts in the comments
Please Login to comment...