Muraena: An Advanced Phishing Proxy
Share
This guide provides a step-by-step process for installing and configuring Muraena, a tool that relies on Redis for data persistence and requires DNSMasq and SSL certificates for proper functionality.
1. Installing and Configuring Redis
Muraena depends on Redis for data persistence. Follow these steps to set up Redis:
1.Install Redis:
On Ubuntu, use the following commands:
sudo apt update
sudo apt install redis-server
Ensure Redis is running as a service:
sudo systemctl enable redis
sudo systemctl start redis
2.Configure Redis:
Open the configuration file:
sudo nano /etc/redis/redis.conf
Ensure the bind directive includes 127.0.0.1 (default setting) and disable password authentication by leaving requirepass commented out.
3.Verify Installation:
Test connectivity using the Redis CLI:
redis-cli ping
Expected output: 'PONG'.
Redis will now be accessible at tcp://127.0.0.1:6379 without SSL or authentication, as required by Muraena.
2. Configuring DNSMasq for Local Testing
DNSMasq is used to handle a custom top-level domain (TLD) for testing purposes, such as .muraena.
1.Install DNSMasq:
On Ubuntu, run:
sudo apt install dnsmasq
2.Edit Configuration:
Open the DNSMasq configuration file:
sudo nano /usr/local/etc/dnsmasq.conf
Add the following line to route .muraena domains to localhost:
address=/.muraena/127.0.0.1
3.Restart DNSMasq:
sudo systemctl restart dnsmasq
4.Verify Setup:
Test domain resolution using ping or dig:
ping anything.goes.to.muraena
This ensures that any subdomain under .muraena resolves to '127.0.0.1'
3. Generating SSL Certificates
Muraena requires SSL certificates for secure communication during testing or deployment.
Option A: Using mkcert for Local Certificates
For local testing, mkcert is an excellent tool for generating self-signed certificates.
1.Install mkcert:
On Ubuntu, run:
sudo apt-get install wget libnss3-tools -y
wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64
sudo mv mkcert-v1.4.3-linux-amd64 /usr/bin/mkcert
sudo chmod +x /usr/bin/mkcert
mkcert -install
2.Generate Certificates:
mkcert "*.muraena" muraena localhost 127.0.0.1 ::1
This creates .pem files for the certificate and private key.
3.Include Certificates in Muraena Configuration:
Update the configuration file with paths to the generated files:
[tls]
enabled = true
expand = false
certificate = "./config/cert.pem"
key = "./config/privkey.pem"
root = "./config/fullchain.pem"
Option B: Using Let's Encrypt for Public Certificates
For real-world use, obtain a wildcard certificate from Let's Encrypt.
Install Certbot:
sudo apt update
sudo apt install certbot python3-certbot-dns-cloudflare # Replace with your DNS plugin.
Generate Wildcard Certificate:
Use the DNS challenge method to verify domain ownership:
sudo certbot certonly --manual --preferred-challenges=dns \
--email you@example.com --agree-tos \
-d "*.yourdomain.com" -d yourdomain.com
Update Muraena Configuration:
Point to the obtained certificate and key files in the configuration file as shown above.
4. Final Steps
Start Muraena
Once Redis, DNSMasq, and certificates are configured, start Muraena as it will automatically handle its processes.
Testing Setup
-
Verify that domains under .muraena resolve correctly.
-
Ensure HTTPS works by accessing your phishing domain in a browser.
By following this guide, you can successfully set up Muraena with all necessary dependencies for both local testing and production environments. You can learn more and Download Muraenain GitHub.
Upgrade Your Cybersecurity Skills EHA: Learn 150+ Practical Cyber Security Courses Online With Life Time Access - Enroll Here