Page 6 of 7 FirstFirst ... 4567 LastLast
Results 51 to 60 of 67

Thread: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

  1. #51
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Quote Originally Posted by neilman01 View Post
    So what I do instead is send it through my regular email address but when I send it and write "http://192.168.X.XX" in the message whenever I check my email on my target computer it shows my ip address instead of the website it is supposed to.
    That's how email and networking is supposed to work.

  2. #52
    Just burned his ISO
    Join Date
    Feb 2010
    Location
    uk
    Posts
    23

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    I can create fake website (clone ) and I can connect to it with either XP sp2 or Vista no problem. Click links and get redirected all OK but I can never get a msf session even with AV turned off. Any ideas or have the OS's caught up and blocked things?

  3. #53
    Junior Member WolverineOD's Avatar
    Join Date
    Apr 2010
    Location
    Infront of Screen
    Posts
    28

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    To extend on what Archangel-Amael said. This attack does not point the victim when they go to the website you have made a copy of to the payload (or an SET created one, or a custom one depending on which option you chose) It hosts a copy of that website on your IP address. Meaning that the victim must be coerced into visiting your IP adress (192.168.x.x in this case) in order to get this attack to work.

  4. #54
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    6

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    heloo
    im find this link explaining java aplet
    Invisible Denizen: java_signed_applet AV Detection

    but in SET msf.exe is used as payload or temlete
    so can that be changed ?

    hope you anderstend me
    thanks

  5. #55
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    5

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Whenever I do this attack, I have my target windows computer on a different network and for some reason when I visit my ip address on the target computer it does not seem to load the page but when my target computer is on the same network as my attack computer then it loads fine with no problem. Any ideas as to what the problem could be?

  6. #56
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    6

    Default

    you must setup port forwarding for your mac

    is there a way to avoid av detection ,by editing the set tool,or just turn off the av?
    Last edited by Archangel-Amael; 05-02-2010 at 05:27 PM.

  7. #57
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    4

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    same problem.... every time a try the pdf it get's caught by the AV(pc's one or the server's one) and the java applet doesn't work at all. I access ip:80 from my victim pc and it shows a download box whit a randomname.part. And I've tried Google and it doesn't even show the entire page.
    Can someone help whit a suggestion or link ?
    10x

  8. #58
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Quote Originally Posted by neilman01 View Post
    Whenever I do this attack, I have my target windows computer on a different network and for some reason when I visit my ip address on the target computer it does not seem to load the page but when my target computer is on the same network as my attack computer then it loads fine with no problem. Any ideas as to what the problem could be?
    Not surprising really , as your hosting it locally

    Point 1: As for the "[*] ERROR: You have something running on port 80. (Apache?).
    Exit whatever is listening and restart SET."

    Point 2: Rel1k you should override the override (ctrl c), with a message saying close (SET) properly "or see point 1"

    For Phoebe, Multi/Handler exploit, SINGLE_BIND_TCP, Research how that listens.
    Last edited by killadaninja; 05-09-2010 at 01:18 PM.
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  9. #59
    Just burned his ISO ThinAir11's Avatar
    Join Date
    Oct 2009
    Location
    Ganja Field
    Posts
    8

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Really great guide, been playing for a bit on my pclab (win xp pro sp3, win firewall on, and kaspersky internet security on), and kis detects a virus. I have also tried invisible denizen method to bypass AV, as well as metasploit-unleashed chapter 8 - Antivirus Bypass, but with no success... kaspersky detects a virus. Is there any other methods to bypass AV?

  10. #60
    Just burned his ISO ThinAir11's Avatar
    Join Date
    Oct 2009
    Location
    Ganja Field
    Posts
    8

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    So can anyone help with avoidance of AV?
    I spend quite a few hours trying to make executable that has a green light from AV, but with no success.
    I have tried following
    a) metasploit unleashed chapter 8 - bypassing antivir.
    b) method from invisible denizen's blog.
    c) using programs usx and pescrabmler.

    Nothing helped, kaspersky internet security found generic virus.

    Anyone can help with this?

Page 6 of 7 FirstFirst ... 4567 LastLast

Similar Threads

  1. Help Creating Dial-Up, PPPoE Connection
    By MASTERofMINDS in forum Beginners Forum
    Replies: 4
    Last Post: 04-05-2011, 06:00 AM
  2. A Question about Fake Authentication
    By jasontschk in forum Beginners Forum
    Replies: 6
    Last Post: 02-18-2010, 03:06 PM
  3. creating BT4 USB persistent video
    By jimmy in forum Beginners Forum
    Replies: 0
    Last Post: 02-12-2010, 11:45 PM
  4. Replies: 0
    Last Post: 02-11-2010, 02:06 AM
  5. probleme social engineering toolkit 0.3
    By CX4STORM in forum Beginners Forum
    Replies: 1
    Last Post: 01-25-2010, 04:59 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •