SUP, My fellow hackers!
This time I am doing a tutorial on a tool called TRAPE, it can track and do things in the victim's device.
No more boring thing like the previous tutorials like mass mail and john the ripper....
What you would need is Kali Linux, a linux made for hacking, if you are new then I really advice this.
I did a tutorial on TrackURL which tracks people, but this one is better, you can send messages to the victim, download a file to the device, show which website it went in to, constantly tracking, and we can do more.
If you are interested in TrackURL, click this link.
Enough talking, lets get right into the tutorial.
Step 1: Clone It!
Yes, you know me, I start with cloning since programs inside Kali is limited.
So to clone it, type in the terminal :
git clone https://github.com/boxug/trape.git
And, it will do stuffs.
Now, lets get permission into it by :
chmod -R 755 Trape
Then, get in the file by : "cd Trape".
Lets see what is inside that folder. type : "ls"
Oh, we have some stuffs!
You have the same thing? Lets keep going.
Step 2: Installing the Requirements
Before executing to script, we first have to install some specific requirements.
To install them, simply type :
pip install -r requirements.txt
If you don't have the requirements, then it will automatically get the requirements, and if you already have them installed like me, then there is nothing to worry about.
Step 3: Launching Script & Control Pannel
Unlike the other scripts like Metasploit, Trape is controllable on the web.
(It's beginner friendly!)
But first, execute the script.
You can execute the script by :
python trape.py -u URL -p PORT
Don't type it exact as mine.
In the URL, you have to put the url that you want to clone.
(So if I put https://www.youtube.com int the URL,then the phishing web will look like YouTube)
In the PORT, put your port.
I did it like this.
Click enter, then it will show 3 things :
The link to lure the victims, The control panel link, and the access key to it.
If you think that the victims will think suspicious, then you can shorten the link using bit.ly, ad.fly, all those things.
Now, copy and paste the Control Panel link on the web.
And put the access key it gave you in the terminal.
Let me just copy and paste that.
And send the link to the victim.
Takes a bit of social engineering, I sent it to my brother
(He completely doesn't know about this he is in the living room watching movies right now)
Ah-ha!!!! Got him!
You could have just sent a real meme site to make it look real, but I just said that I trolled him.
And haha his profile pic is the skeleton from TrackURL(We have the same icloud account so....)
He went in, so we can see everything.
Oh yeah, forgot to mention that it be used to a lot of victims.
Lets see what he is up to.
Don't think it's rubbish, my art is gorgeous(For some privacy reason)
In the Attacks Hook button next to the Information, you can download files and send messages and do stuff!
If you want to hack the victim's device perfectly, you can make a website and make the victim redirect to your website, you can just let the victim download a payload made by Metasploit and take control completely!(There is a button for these)
Sorry, I can't show you those because I forgot to take snaps of those attacks (and I am lazy)
Did It Work?
Please comment down below for where to improve, and some suggestions to what I can do next!
If you need help, comment, I will try my best to help you!
34 Responses
Really interesting tool
But i seem can't connect to generated link from othr device.
it's allways "Site 127.0.0.1:8080 not found"
@edit: Nvm...I am just stupid. Like noob stupid. Just neded to add my ip adress, not localhost :D
hi how do i change my the ip address to public ip address
This is great!
Nice trick's!
But, is it possible over WAN?
Yes, add your IP like H0S7 ....
and shorten the link so the victim will not be suspicious.
Public IP sir?
Use public IP, and you also have to port forward.
didn't try with the public ip. Local ip worked fine.
Can you explain a little how to use local ip for this?
Instead of 127.0.0.1. in generated link, ad your local ip and send it to victim
can you just tell me how , i tried running trape in kali in my vmware and used kalis local ip , access that new url in host machine , it doesnt provide me any logged in victims in the trape panel !!
Justin how i can contact you?
public.email.jc@gmail.com
There are peoples that are asking me that how do you do it over WAN, you can use Ngrok to do that. Even the creator of this script told me.
This is similar to beef ?
In someway.
how do i change this to my ip
You can use Ngrok.
I Get a 500 internal server error when i try to use link to myself please help
500 internal server error... That is not the script's problem.. it's yours.
Try these steps, it might work again in any steps.
2.clear browser cache
3.delete browser cookies
First try these.
how would i use ngrok
You will first need to install ngrok from the ngrok webpage. You can google to get a exact tutorial on how to use ngrok.
it is a nice tool worked with my ipalso but,we cannot send the generated link to people who are not in ournetwork it only works within your network.Is there any way out that the generated link will work when people access it on other network.
use cisco router
Hi thank you for the Tutorial .
I have a question . .wich Port i have to Use . . have to Port forwarding this Port?
When i do that after create the link IT cant be opened nothing See that Somebody has opened the Link . .
It's asking for Google api key and i don't have 300 dollars to pay for it...is there any other way...the new version of trape is asking for api keys which we have to buy from google cloud platform... Please reply...
i used a random API key generator...use your google fu.
use that key it worked for me.
No module named httplib , error ?
it is showing only "Successful startup, get lucky on the way!"
trape is not displaying
hey buddy my trape is giving error "config_trape" please can you help
This is the error I have been getting
Hi! I am very new to all of this, but I need help. I'm not sure if this still works- in Termux... I got this to run and I got the links (lure for user, etc.) but then I get error permission denied. Where am I going wrong. FYI: I'm tying to use Ngrok but everything I try to use with ngrok fails..
Any help would be appreciated!
Anybody? Anywhere? This would be amazing if we could revitalize it and get it to work. :)
My link is not working other device
anyone can help me
Share Your Thoughts