Social Engineering, phishing, credential harvesting, basic auth, word template, docx injection

Phishery

Phishery is a simple SSL-enabled HTTP server for phishing credentials via Basic Authentication. It excels at injecting phishing URLs into Word document templates to trigger authentication dialogs in Microsoft Word.

Description

Phishery serves as a Basic Auth Credential Harvester paired with a Word Doc Template Injector. Its primary purpose is to set up an HTTP server that captures credentials entered by users when prompted for Basic Authentication. This is particularly effective in phishing scenarios where the server URL is embedded in Microsoft Word documents.

The tool's strength lies in its ability to modify .docx files by injecting a phishery URL as the document template. When the victim opens the modified Word file, Microsoft Word automatically requests the template from the specified URL, prompting the user for credentials without suspicion.

Use cases include penetration testing for social engineering assessments, demonstrating credential phishing risks in corporate environments, and educational purposes to showcase phishing techniques via document templates.

How It Works

Phishery operates an SSL-enabled HTTP server configured via a JSON settings file. When a client, such as Microsoft Word, requests a resource from the phishery URL, the server responds with a Basic Authentication challenge (HTTP 401). Harvested credentials from successful authentications are stored in a specified JSON credentials file. For template injection, phishery modifies the .docx file's template reference to point to the phishery server URL, causing Word to fetch it on open and trigger the auth dialog transparently to the user.

Installation

sudo apt install phishery

Flags

-h, --help    Show usage and exit.
-v            Show version and exit.
-s            The JSON settings file used to setup the server. [default: "/etc/phishery/settings.json"]
-c            The JSON file to store harvested credentials. [default: "/etc/phishery/credentials.json"]
-u            The phishery URL to use as the Word document template.
-i            The Word .docx file to inject with a template URL.
-o            The new Word .docx file with the injected template URL.

Examples

Show usage and exit.
phishery -h
Start the server with custom settings and credentials files.
phishery -s settings.json -c credentials.json
Inject a template URL into a Word .docx file.
phishery -u https://secure.site.local/docs -i good.docx -o bad.docx
Start the server using default settings and credentials paths.
phishery -s /etc/phishery/settings.json -c /etc/phishery/credentials.json
Show version and exit.
phishery -v
Inject a local phishery URL into an input .docx file, outputting to a new file.
phishery -u https://phishery.local -i input.docx -o output.docx
Start server with custom credentials output file using defaults for settings.
phishery -c harvested.json
Updated 2026-04-16 (kali.org)