FinFly Web source code has been leaked

The FinFisher software which is used by governments to hack people, seems to be leaked to the internet. The FinFly web source contains all the files which are needed to create a FinFly web environment.

FinFly Web provides remote and covert infection options of a target system. It uses web-based attacks to infiltrate the target computer.

The FinFly web provides a point-and-click interface, which enables the agent to inject multiple malicious codes or packages.

finfly web authname

 

The leaked environment seems to be a “presentation” environment. The reason for this claim is that the .htaccess file of the FinFly web package holds the AuthName “Presentation”.

finfly web htpasswdOnce you take a look at the .htpasswd file, you will see that the username for this FinFly Web environment is “demo” and that the password for this “demo” account is “QWo4ZNOQBiLZ6”.

finfly web demo index page

In the index.html file, you will see that the title of the page is “FinFly Web Demo Page”. Nevertheless, this package contains source code which is used by the FinFisher company to infect people with the FinFly packages.

READ THE FINFLY WEB PDF HERE

DOWNLOAD THE PACKAGE from GitHUB