# Week 20 - Google Phishing Page ## Two-Part Google Phishing Page This week’s web hacking post goes out to my fellow emulated criminals interested in phishing for Google credentials:\ \ I created a GitHub repo that allows you to quickly spin up a fake two-part Google login, link is in the comments. All you need is a web server that supports PHP and 4 simple commands. \ \ You can customize the username page to contain whatever domain you’d like (just edit the JavaScript on line 21 of index.html) and have it up-and-running in just a few minutes.\ \ Extra Tip: You can watch the creds.txt file live as passwords start coming in, just run the following command on your server:\ \ `tail -f /opt/GooglePhishing/creds.txt | while read line; do echo $line; sleep 3; done`\ \ This command will display the contents of the creds.txt file, updating every 3 seconds. If you like bash/linux tips follow my friend and colleague [James Stahl](https://www.linkedin.com/in/ACoAAByk2G0BJ66KwiDflfbL6-nWTHuFyy9Lz1U) for his weekly series. ![](/files/kyYxrQDTb780CzLPuzuq) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.webhackingtips.com/weekly-tips/week-20-google-phishing-page.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.