Phishing Emails and GeoIP Lookup

30 minutes
  • 6 Learning Objectives

About this Hands-on Lab

In this hands-on lab, we will create and send a phishing email. The goal is to get the target to click on the link in the email, revealing information about themselves, such as their IP address, browser, and operating system. We will then use the IP address to geolocate the target.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install and Start the Apache Web Server
  1. Install the Apache web server.
    yum install httpd
  2. Start the Apache web server.
    systemctl start httpd
  3. Verify that the server is running.
    systemctl status httpd
Find the Target’s IP Address
  1. Run the following command:
    curl ifconfig.me
Create a Resource in the Root Directory of the Server
  1. Change to the default root directory of the server.
    cd /var/www/html/
  2. Create a new resource.
    touch <RESOURCE_NAME>
  3. Edit the resource file.
    echo "Thank you for the free information" > <RESOURCE_NAME>
  4. Verify that the file is not empty.
    cat <RESOURCE_NAME>
Create and Send a Phishing Email
  1. Use your email client to create and send a phishing email.
  2. Include an image attachment that links to the resource we created in the previous task.
Monitor the Server for Incoming Client Connections
  1. Run the following command:
    tail -f /var/log/httpd/access_log
Perform a GeoIP Lookup
  1. Run the following command:
    geoiplookup <IP_ADDRESS>
  2. Consult the manual pages for more information about the GeoIP lookup tool.
    man geoiplookup

Additional Resources

NOTE: The cloud-user account has sudo privileges.

  1. Install a web server.
  2. Start the web server.
  3. Download an image of your choice with wget.
  4. Place the image into the root folder of the web server.
  5. Make sure that the image is publicly accessible.
  6. Open your email client and send yourself the image as an email attachment.
  7. Start monitoring the web server access logs.
  8. Open the email you sent yourself and click on the image.
  9. When you open the image, you will see your browser, IP, and operating system information appear in the logs.
  10. Use the IP address to perform a GeoIP lookup.
  11. You can also type the IP address into your browser address bar, and it should lead you to the login page of your home router.
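
An added example (not part of the lab's own material) of what steps 9 and 10 expose: it pulls the client IP, timestamp and User-Agent out of access-log lines for one resource and marks private addresses, which a GeoIP lookup cannot place. The log lines are constructed, /free-info is a hypothetical resource name, and Apache's "combined" log format is assumed.

```shell
# Constructed sample lines in Apache "combined" format (assumed LogFormat).
# Addresses come from documentation and private ranges, not real hosts.
sample_log() {
cat <<'EOF'
203.0.113.45 - - [12/Mar/2024:10:15:32 +0000] "GET /free-info HTTP/1.1" 200 35 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
192.168.1.20 - - [12/Mar/2024:10:16:02 +0000] "GET /free-info HTTP/1.1" 200 35 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
198.51.100.7 - - [12/Mar/2024:10:17:41 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "-" "curl/8.5.0"
EOF
}

# hits_for PATH: read combined-format lines on stdin and print, for each
# request to PATH, one line of the form "ip|scope|timestamp|user-agent".
hits_for() {
  awk -v want="$1" -F'"' '
    {
      # Split on double quotes: $1 = ip ident user [time], $2 = request line,
      # $3 = status and size, $4 = referer, $6 = user agent.
      # A user agent containing an escaped quote would need a stricter parser.
      split($2, req, " ")
      if (req[2] != want) next
      split($1, pre, " ")
      ip = pre[1]
      ts = pre[4]; sub(/^\[/, "", ts)
      # RFC 1918 and loopback addresses have no GeoIP record to look up.
      scope = "public"
      if (ip ~ /^10\./ || ip ~ /^192\.168\./ || ip ~ /^127\./ ||
          ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) scope = "private"
      print ip "|" scope "|" ts "|" $6
    }'
}

# Stand-alone demonstration on the constructed sample.
sample_log | hits_for /free-info
```

On the lab server, feed the function /var/log/httpd/access_log on stdin in place of sample_log, with the path of the resource created earlier.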
