SET java applet attack vector not working correctly
since a couple of days my SET Java applet attack stopped working. I used to test this succesfully on my local lan but all of a sudden when i try start handler and redirect my clients to the webserver i see that its trying to send the stage files but nothing happens. When i check on the clients i dont see the cloned website but scrambled text..
I tried to update metasploit and SET but i always get the same results. I also tried with and without self-signed certificate but no go.
It used to work on the same clients, but it looks like that it stopped working since i've updated? its on version 1.1.1.
also, after specifying the port and saying no to linux support its launcing the website i can see the following:
...... Auxiliary module running as background job
cant remember ever seeing that..
any help is appriciated.
Re: SET java applet attack vector not working correctly
I've seen a similar problem before, and while I'm not 100% sure why this worked, I cleared the clients temp folders, browsing history, and Java cache.
I then rebooted the boxes and tried the attack again, and it worked like a charm.
The only guess I could take would be that there was some kind of problem overwriting the java.exe file that the exploit drops into the users temp directory.
At any rate, it's an easy fix, and it's worth a shot. Good luck.