Evil QR: Phishing with QR Codes
Evil QR is a proof-of-concept toolkit designed to demonstrate QRLJacking, a phishing technique that exploits QR code-based login systems. It allows attackers to potentially gain control of user accounts by tricking them into scanning malicious QR codes.
Key Features:
- QR Code Extraction: The Evil QR browser extension can extract QR codes from various web elements (CANVAS, IMG, SVG, DIV) on login pages.
- Dynamic Phishing Pages: The Evil QR server hosts phishing pages that dynamically display attacker-controlled QR codes.
- Customizable Pre-text: Phishing pages can be customized with personalized text to enhance social engineering.
- HTTP Long Polling: Uses HTTP Long Polling for near real-time updates of QR codes on the phishing page.
- Account Takeover Detection: The extension can detect successful logins on the victim's account.
Use Cases:
- Demonstration of QRLJacking: Illustrates the potential risks associated with QR code-based login systems.
- Red Team Exercises: Can be used in red team operations to simulate phishing attacks and assess security awareness.
- Security Research: Provides a platform for researching and developing countermeasures against QRLJacking attacks.
Target Users:
- Security researchers
- Red team operators
- Penetration testers
- Security enthusiasts