The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

[unset]

Hello,

I've just watched the online tutorial for SET. I can follow it right up until the server is supposed to open and start listening on the specified ports. After that I receive this error msg:

Code:

Enter choice yes or no: yes
Enter the port to listen for on OSX: 8080
Enter the port to listen for on Linux: 8081
Created by msfpayload (http://www.metasploit.com).
Payload: osx/x86/shell_reverse_tcp
 Length: 65
Options: LHOST=XXX.XXX.XXX.XXX,LPORT=8080
Created by msfpayload (http://www.metasploit.com).
Payload: linux/x86/shell/reverse_tcp
 Length: 50
Options: LHOST=XXX.XXX.XXX.XXX,LPORT=8081
Something went wrong... printing error: No module named pexpect

After that, it takes me right back to the 'Website Attack Vectors' menu.

I'm running ubunto (karmic) and have openjdk installed.

Any ideas?

[mikeyxb]

going to sound like a complete newbie here but what exactly can someone gain from this, eg passwords, usernames? .... i am still a learner but not a complete newb,

[Archangel-Amael]

going to sound like a complete newbie here but what exactly can someone gain from this, eg passwords, usernames? .... i am still a learner but not a complete newb,

Noob indeed, but least you admit it. For starters this and many other "attacks" can allow a user to indeed take control or gain access to a computer and or network. This can lead to many things such as data theft for starters.
There is a plethora of information on the internet about this. I would suggest looking at some of the following:
How malicious hackers attack | Security Central - InfoWorld
Hacker (computer security) - Wikipedia, the free encyclopedia
How To Become A Hacker

[purehate]

Hello,

I've just watched the online tutorial for SET. I can follow it right up until the server is supposed to open and start listening on the specified ports. After that I receive this error msg:

Code:

Enter choice yes or no: yes
Enter the port to listen for on OSX: 8080
Enter the port to listen for on Linux: 8081
Created by msfpayload (http://www.metasploit.com).
Payload: osx/x86/shell_reverse_tcp
 Length: 65
Options: LHOST=XXX.XXX.XXX.XXX,LPORT=8080
Created by msfpayload (http://www.metasploit.com).
Payload: linux/x86/shell/reverse_tcp
 Length: 50
Options: LHOST=XXX.XXX.XXX.XXX,LPORT=8081
Something went wrong... printing error: No module named pexpect

After that, it takes me right back to the 'Website Attack Vectors' menu.

I'm running ubunto (karmic) and have openjdk installed.

Any ideas?

This forum is to support Backtrack Linux and not ubuntu karmic. Furthermore the error tells you exactly whats wrong, you are missing pxexpect

[Sputnik]

The multi encoded payload is detectable by Avira Antivirus every time I test it. Is this the same for everyone else?

[Phoebe]

Can someone give me a hand here, I keep following the tut but when it comes to actually creating the "evil" webpage I keep getting this error.

"[*] ERROR: You have something running on port 80. (Apache?)
Exit whatever is listening and restart SET."

I've tried googling around and using commands such as kill -TERM $(cat /usr/local/apache/logs/httpd.pid) to stop the service on port 80 but nothing seems to be working.

How do I stop the services running on port 80?

Thanks again

[Sputnik]

Can someone give me a hand here, I keep following the tut but when it comes to actually creating the "evil" webpage I keep getting this error.

"[*] ERROR: You have something running on port 80. (Apache?)
Exit whatever is listening and restart SET."

I've tried googling around and using commands such as kill -TERM $(cat /usr/local/apache/logs/httpd.pid) to stop the service on port 80 but nothing seems to be working.

How do I stop the services running on port 80?

Thanks again

Try

Code:

/etc/init.d/apache2 stop

[Utram]

Is anyone else having trouble with the java_signed_applet? The first time I tried it(one month ago) it worked perfectly, but now not at all. I have set the home_variable and installed rjb but my web browser doesn't recognize what is one the fake site, neither does it show the copied site.

Here's the msfconsole error message

Code:

[-] JVM not initialized. You must install the Java Development Kit, the rjb ruby gem, and set the $JAVA_HOME variable.
[-] Falling back to static signed applet.  This exploit will still work, but the CERTCN and APPLETNAME variables will be ignored.

Did an update change the exploit or something? I'm quite certain I have the prerequisites.
Thanks in advance.

[starbuck88]

Is there a way to change the http port? I checked in the config but seen nothing, googled too...!
If so, is there a way to port forward it within backtrack. (because my router seems to not support the PF. Thanks

[neilman01]

Hi, I have done this exploit and had it successfully working the problem is that I can't use the command "sendEmail" because it never sends the message and tells me I have a problem with my port 25.
So what I do instead is send it through my regular email address but when I send it and write "http://192.168.X.XX" in the message whenever I check my email on my target computer it shows my ip address instead of the website it is supposed to. Other then that the exploit works perfectly. Thanks so much purehate, great write up