A robust Phishing Framework with a full featured CLI interface. The project was born out necessity through of years of engagements with tools that just didn’t do the job. Even though there are many projects out there, we were not able to find a suitable solution that gave us both easy of use and customizability.
Cartero is a modular project divided into commands that perform independent tasks (i.e. Mailer, Cloner, Listener, AdminConsole, etc…). In addition each sub-command has repeatable configuration options to configure and automate your work.
For example, if we wanted to clone gmail.com, we simply have to perform the following commands.
./cartero Cloner --url https://gmail.com --path /tmp --webserver gmail_com ./cartero Listener --webserver /tmp/gmail_com -p 80 Launching mongodb Puma starting in single mode... * Version 2.8.2 (ruby 2.1.1-p76), codename: Sir Edmund Percival Hillary * Min threads: 4, max threads: 16 * Environment: production * Listening on tcp://0.0.0.0:80 Use Ctrl-C to stop
Once we have a site up and running we can simply use the Mailer command to send templated emails to our victims:
./cartero Mailer --data victims.json --server gmail_com --subject "Internal Memo" --htmlbody email_html.html --attachment payload.pdf --from "John Doe <firstname.lastname@example.org>" Sending email@example.com Sending firstname.lastname@example.org Sending email@example.com
Using brew 2.1.5 ruby as default ruby library
curl -L https://raw.githubusercontent.com/Section9Labs/Cartero/master/data/scripts/setup.sh | bash
git clone https://github.com/section9labs/Cartero cd Cartero gem install bundle bundle install cd bin
Cartero is a very powerful easy to use CLI.
./cartero Usage: cartero [options] List of Commands: AdminConsole, AdminWeb, Mailer, Cloner, Listener, Servers, Templates Global options: --proxy [HOST:PORT] Sets TCPSocket Proxy server -c, --config [CONFIG_FILE] Provide a different cartero config file -v, --[no-]verbose Run verbosely -p [PORT_1,PORT_2,..,PORT_N], Global Flag fo Mailer and Webserver ports --ports -m, --mongodb [HOST:PORT] Global Flag fo Mailer and Webserver ports -d, --debug Sets debug flag on/off --editor [EDITOR] Edit Server Common options: -h, --help [COMMAND] Show this message --list-commands Prints list of commands for bash completion --version Shows cartero CLI version