Tuesday, March 5, 2019

Tracking people with Trape

Trape is a tool that you can use to track people activity online. This tool can also be used to perform a phishing attack and steal credential or combine this tool with Metasploit to inject a payload into the victim's computer by generating a payload with Metasploit and use this tool to send the executable file to the victim's computer so it can be executed.

To run Trape follow the instruction below.

1. Turn on your Kali machine, open a terminal and execute the following command

git clone https://github.com/boxug/trape.git

2. cd trape

3. python trape.py -h OR python trape.py

Note: After you execute this command and the system is giving an error try this executing this command:

pip install -r requirements.txt. Let it finish its thing and you should be able to run Trape again. Trape might ask you to register an account with ngrok, if it does go ahead and do that. After you are done with registering an account with ngrok get the key and put it into Trape. After that, you will also need to get a Google maps API key. This is completely optional if you want to track the victim's laptop location using Google Maps, but if you don't want that information then you don't have to get it.

Also, note that if you are using the python trape.py -h you will see a screen like below

And if you use the command python trape.py you will see a screen like this

Whatever command you decided to use in the end, it all works the same. I preferred using the command python trape.py simply because the tool will tell me exactly what I need to put in.

Now if you are using the command without the -h all you have to do is follow the on-screen instruction to start attacking. But if you are using the command python trape.py -h than you will have to follow the usage command to setup Trape to work the way you want.

Example: python trape.py -u www.google.com -p 80 where www.google.com can be any website you want and 80 can be any port number you want, I just decided to choose Google and port 80 for this tutorial.

After you are done setting up your URL and port number, Trape will give you a link to send to the victim, a link for you to access the control panel and an Access key which you will need to copy and paste into the password box at the control panel login page to access the control panel.

Use your Access Key at the screen like the one below and click SIGN IN

From here all you have to do is wait for the victim to click on your link and you can use the control panel to track his or her computer.

If you are still confused about anything above just watch the video below. 


Post a Comment