Evil QR

Evil QR: Phishing with QR Codes

Evil QR is a proof-of-concept toolkit designed to demonstrate QRLJacking, a phishing technique that exploits QR code-based login systems. It allows attackers to potentially gain control of user accounts by tricking them into scanning malicious QR codes.

Key Features:

• QR Code Extraction: The Evil QR browser extension can extract QR codes from various web elements (CANVAS, IMG, SVG, DIV) on login pages.
• Dynamic Phishing Pages: The Evil QR server hosts phishing pages that dynamically display attacker-controlled QR codes.
• Customizable Pre-text: Phishing pages can be customized with personalized text to enhance social engineering.
• HTTP Long Polling: Uses HTTP Long Polling for near real-time updates of QR codes on the phishing page.
• Account Takeover Detection: The extension can detect successful logins on the victim's account.

Use Cases:

• Demonstration of QRLJacking: Illustrates the potential risks associated with QR code-based login systems.
• Red Team Exercises: Can be used in red team operations to simulate phishing attacks and assess security awareness.
• Security Research: Provides a platform for researching and developing countermeasures against QRLJacking attacks.

Target Users:

• Security researchers
• Red team operators
• Penetration testers
• Security enthusiasts