Page 5 of 7 FirstFirst ... 34567 LastLast
Results 41 to 50 of 67

Thread: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

  1. #41
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    1

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Hello,

    I've just watched the online tutorial for SET. I can follow it right up until the server is supposed to open and start listening on the specified ports. After that I receive this error msg:
    Code:
    Enter choice yes or no: yes
    Enter the port to listen for on OSX: 8080
    Enter the port to listen for on Linux: 8081
    Created by msfpayload (http://www.metasploit.com).
    Payload: osx/x86/shell_reverse_tcp
     Length: 65
    Options: LHOST=XXX.XXX.XXX.XXX,LPORT=8080
    Created by msfpayload (http://www.metasploit.com).
    Payload: linux/x86/shell/reverse_tcp
     Length: 50
    Options: LHOST=XXX.XXX.XXX.XXX,LPORT=8081
    Something went wrong... printing error: No module named pexpect
    After that, it takes me right back to the 'Website Attack Vectors' menu.

    I'm running ubunto (karmic) and have openjdk installed.

    Any ideas?

  2. #42
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    5

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    going to sound like a complete newbie here but what exactly can someone gain from this, eg passwords, usernames? .... i am still a learner but not a complete newb,

  3. #43
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Quote Originally Posted by mikeyxb View Post
    going to sound like a complete newbie here but what exactly can someone gain from this, eg passwords, usernames? .... i am still a learner but not a complete newb,
    Noob indeed, but least you admit it. For starters this and many other "attacks" can allow a user to indeed take control or gain access to a computer and or network. This can lead to many things such as data theft for starters.
    There is a plethora of information on the internet about this. I would suggest looking at some of the following:
    How malicious hackers attack | Security Central - InfoWorld
    Hacker (computer security) - Wikipedia, the free encyclopedia
    How To Become A Hacker

  4. #44
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Quote Originally Posted by unset View Post
    Hello,

    I've just watched the online tutorial for SET. I can follow it right up until the server is supposed to open and start listening on the specified ports. After that I receive this error msg:
    Code:
    Enter choice yes or no: yes
    Enter the port to listen for on OSX: 8080
    Enter the port to listen for on Linux: 8081
    Created by msfpayload (http://www.metasploit.com).
    Payload: osx/x86/shell_reverse_tcp
     Length: 65
    Options: LHOST=XXX.XXX.XXX.XXX,LPORT=8080
    Created by msfpayload (http://www.metasploit.com).
    Payload: linux/x86/shell/reverse_tcp
     Length: 50
    Options: LHOST=XXX.XXX.XXX.XXX,LPORT=8081
    Something went wrong... printing error: No module named pexpect
    After that, it takes me right back to the 'Website Attack Vectors' menu.

    I'm running ubunto (karmic) and have openjdk installed.

    Any ideas?
    This forum is to support Backtrack Linux and not ubuntu karmic. Furthermore the error tells you exactly whats wrong, you are missing pxexpect

  5. #45
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    5

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    The multi encoded payload is detectable by Avira Antivirus every time I test it. Is this the same for everyone else?

  6. #46
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    1

    Question Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Can someone give me a hand here, I keep following the tut but when it comes to actually creating the "evil" webpage I keep getting this error.

    "[*] ERROR: You have something running on port 80. (Apache?)
    Exit whatever is listening and restart SET."

    I've tried googling around and using commands such as kill -TERM $(cat /usr/local/apache/logs/httpd.pid) to stop the service on port 80 but nothing seems to be working.

    How do I stop the services running on port 80?

    Thanks again

  7. #47
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    5

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Quote Originally Posted by Phoebe View Post
    Can someone give me a hand here, I keep following the tut but when it comes to actually creating the "evil" webpage I keep getting this error.

    "[*] ERROR: You have something running on port 80. (Apache?)
    Exit whatever is listening and restart SET."

    I've tried googling around and using commands such as kill -TERM $(cat /usr/local/apache/logs/httpd.pid) to stop the service on port 80 but nothing seems to be working.

    How do I stop the services running on port 80?

    Thanks again
    Try
    Code:
    /etc/init.d/apache2 stop

  8. #48
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    6

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Is anyone else having trouble with the java_signed_applet? The first time I tried it(one month ago) it worked perfectly, but now not at all. I have set the home_variable and installed rjb but my web browser doesn't recognize what is one the fake site, neither does it show the copied site.

    Here's the msfconsole error message

    Code:
    [-] JVM not initialized. You must install the Java Development Kit, the rjb ruby gem, and set the $JAVA_HOME variable.
    [-] Falling back to static signed applet.  This exploit will still work, but the CERTCN and APPLETNAME variables will be ignored.
    Did an update change the exploit or something? I'm quite certain I have the prerequisites.
    Thanks in advance.

  9. #49
    Just burned his ISO
    Join Date
    Oct 2007
    Posts
    10

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Is there a way to change the http port? I checked in the config but seen nothing, googled too...!
    If so, is there a way to port forward it within backtrack. (because my router seems to not support the PF. Thanks

  10. #50
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    5

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Hi, I have done this exploit and had it successfully working the problem is that I can't use the command "sendEmail" because it never sends the message and tells me I have a problem with my port 25.
    So what I do instead is send it through my regular email address but when I send it and write "http://192.168.X.XX" in the message whenever I check my email on my target computer it shows my ip address instead of the website it is supposed to. Other then that the exploit works perfectly. Thanks so much purehate, great write up

Page 5 of 7 FirstFirst ... 34567 LastLast

Similar Threads

  1. Help Creating Dial-Up, PPPoE Connection
    By MASTERofMINDS in forum Beginners Forum
    Replies: 4
    Last Post: 04-05-2011, 06:00 AM
  2. A Question about Fake Authentication
    By jasontschk in forum Beginners Forum
    Replies: 6
    Last Post: 02-18-2010, 03:06 PM
  3. creating BT4 USB persistent video
    By jimmy in forum Beginners Forum
    Replies: 0
    Last Post: 02-12-2010, 11:45 PM
  4. Replies: 0
    Last Post: 02-11-2010, 02:06 AM
  5. probleme social engineering toolkit 0.3
    By CX4STORM in forum Beginners Forum
    Replies: 1
    Last Post: 01-25-2010, 04:59 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •