How to Install and Use Zphisher in Termux

Hello everyone! Last week, I shared a tutorial on Weeman, a phishing tool in Termux. Weeman sometimes might not work perfectly; therefore, today I will introduce you to Zphisher, another phishing tool in Termux that works 100%. Let’s get started!

What is Zphisher in Termux?

Zphisher is a simple tool used to perform phishing attacks for popular social media platforms like Facebook, Instagram, and Twitter. It is designed to be easy to use, even for beginners. You can run Zphisher on an Android device using Termux, which is a terminal emulator that lets you run Linux commands directly on your phone. In this guide, I will show you how to install and use Zphisher in Termux step by step.

Warning! This guide is intended for educational purposes only. Phishing attacks are illegal and unethical if used without explicit permission from the target. Unauthorized use of these techniques can result in severe legal consequences. Always obtain proper authorization before performing any testing. The author and this website do not endorse or encourage illegal activities in any form. Use these tools responsibly and for ethical purposes only.

How to Install Zphisher in Termux

Follow these steps to install and run Zphisher in Termux:

1. Update Termux Packages
   

   Once Termux is installed on your Android device, open it and run the following command to update the package list:

   apt update && apt upgrade -y

   This ensures that all the necessary packages and dependencies are up to date.

2. Install Required Dependencies
   

   Zphisher requires several tools to work. Install them using the command below:

   pkg install git curl php openssh -y

   This will install Git, Curl, PHP, and OpenSSH on your device.

3. Clone Zphisher from GitHub
   

   Now, clone the Zphisher repository by running:

   git clone https://github.com/htr-tech/zphisher.git

   This will download the Zphisher tool and save it in a folder named zphisher.

4. Navigate to the Zphisher Directory
   

   Switch to the Zphisher directory using this command:

   cd zphisher

5. Grant Execution Permissions
   

   Give the Zphisher script permission to execute by typing:

   chmod +x zphisher.sh

6. Run Zphisher
   

   Finally, start Zphisher with the following command:

   ./zphisher.sh

   This will install the required packages, including cloudflared and LocalXpose. Please wait a few seconds for the installation to complete.

   

You’re now ready to explore the features of Zphisher! Always remember to use it responsibly and ethically.

How to Use Zphisher in Termux

After setting up Zphisher, follow these steps to simulate a phishing page:

Select the Target Platform: Once Zphisher is running, it will display a list of platforms to choose from, such as Facebook, Instagram, and others.

For example, to simulate a Facebook phishing page, enter 1 and press Enter.

Choose a Phishing Page: Zphisher provides several templates for each platform. For Facebook, the options are:

[01] Traditional Login Page
[02] Advanced Voting Poll Login Page
[03] Fake Security Login Page
[04] Facebook Messenger Login Page

Select the Traditional Login Page by entering 1 and pressing Enter.

Select Port Forwarding Method: Zphisher will prompt you to choose how to share the phishing link. The options are:

[01] Localhost
[02] Cloudflared [Auto Detects]
[03] LocalXpose [NEW! Max 15Min]

Beginners are advised to use Localhost by entering 1 and pressing Enter.

Set a Custom Port: Zphisher will ask if you want to set a custom port:

[?] Do You Want A Custom Port [y/N]:

Enter y and provide a 4-digit port number (e.g., 5555) when prompted.

Copy and Open the Phishing Link: After completing the steps, Zphisher will generate a phishing link.

Copy the link and open it in your browser. On the phishing page, try entering some sample login credentials to test the setup.

View Captured Credentials: Once login details are entered on the phishing page, Zphisher will display them in the Termux terminal. This includes the username and password entered by the target.

Important Reminder: Use Zphisher only for educational or authorized testing purposes. Unauthorized use is illegal and unethical. By following these steps, you can test how phishing attacks work and understand their risks in a controlled environment.

How to Make the Phishing Page Accessible on the Internet

To share your phishing link with a target, you need to make it accessible over the internet. One way to do this is by using Cloudflared to create a secure tunnel for your link. Here’s how to do it:

Open a New Termux Session: While Zphisher is running, swipe from the left side of Termux to open the session menu. Select New Session to open another terminal window.

Install Cloudflared: In the new session, install Cloudflared using the following command:

pkg install cloudflared

Create a Tunnel: Run Cloudflared to create a tunnel for your phishing link:

cloudflared tunnel --url http://127.0.0.1:5555

Replace http://127.0.0.1:5555 with the phishing link generated by Zphisher.

Get the Shareable Link: After running the command, Cloudflared will generate a new link. This link is accessible over the internet and can be shared with your target.

Success!

Congratulations! You have successfully learned how to install and use Zphisher in Termux. Remember to use this knowledge responsibly and for educational purposes only.

Conclusion

Zphisher is a powerful tool for learning about phishing techniques and testing security measures. By following this guide, you can install, run, and share phishing links responsibly using Termux.

If you face any issues or have questions, feel free to leave a comment, and I’ll assist you promptly!