Vulnerability & Exploit Database

Back to search

Windows Gather User Credentials (phishing)

This module is able to perform a phishing attack on the target by popping up a loginprompt. When the user fills credentials in the loginprompt, the credentials will be sent to the attacker. The module is able to monitor for new processes and popup a loginprompt when a specific process is starting. Tested on Windows 7.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name



  • Wesley Neelen <security [at]>
  • Matt Nelson


  • windows


  • x86
  • x64



Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use post/windows/gather/phish_windows_credentials msf post(phish_windows_credentials) > sessions ...sessions... msf post(phish_windows_credentials) > set SESSION <session-id> msf post(phish_windows_credentials) > show options and set options... msf post(phish_windows_credentials) > run