Social Engineering Toolkit Credential Harvester not showing credentials

[marthafocker]

I recently began testing out the credential harvester in the Social Engineering toolkit under the website attack vectors. The harvester does not capture any information, it only posts a header with the time and date. I've tried it with several different sites using my login credentials and nothing has been captured even on sites I know are not encrypted but send clear text. Is there anything that needs to pre-configured for this to work. Or something I'm doing wrong? It asks

[sickness]

Did you try editing the config/set_config file ?

[SeekNDestroy]

Hello!Edit the "config/set_config" , scroll down and turn "WEBATTACK_EMAIL" to ON,the default is OFF,so just replace OFF with ON,then CTRL+X (to save) then hit y(for Yes) and then hit ENTER.Now all you have to do is to run SET .
I really tried Credential Harvester on gmail and it works for me,but after i've turned ON the WEBATTACK_EMAIL.

[marthafocker]

Thanks guys for your help. I configured the set_config with Web attack vectors on. I tried it out and I'm still not catching my credentials. It just made the e-mail work in conjunction with the website attack method to send out a fake e-mail leading the the victim to the site. I just tried gmail and nothing. I've tried turning off IP address detection and turnning it back on and I've tried turnning sendmail on and off. I even tried booting a fresh backtrack 4 and updating it and still nothing was captured. Any more ideas guys?

Did you try editing the config/set_config file ?

What particular in the config/set_config file should I edit. I tried turning on WEB ATTACK vectors. Is the credential harvester working for you sickness? If so, what are your settings?

When I run ettercap at the same time on my wireless interface, It is able to capture the credentials. Does anyone else need to do this? I see them printed out on both ettercap and the credential harvester.

[sickness]

That depends on what you want to do, there are a few options there. Try to read about them.

[halfdone]

Tutorials | SecManiac.com Blog there is some great tutorials about SET

[dtrixer]

Having exactly the same problem.
I only get the first line like
081-001-211-198.yess.at -- [Date] "Get / HTTP/1.1" 200 -

But then: nothing.

Testing in my local network all is working fine.

Do you have some hints for me?

Thanks a lot

[dtrixer]

Hm, do you need some more information?

I'm using Fritzbox 7170 as Router, port 80 is open, so the Cloned Website is shown correctly. Within my network I get password and login name after sending the form.
From outside only the Website is shown but no password or login name is delivered.

[2901119]

are you trying to do this externally? I had a similar problem when I tried getting this attack to work over the web, it turned out that my isp blocks port 80 from the gate... I dont know if this relates to your situation but I figured I'd share my experience just in case.

[dtrixer]

Thank you for answering, but Port 80 isn't blocked. The website over port 80 is shown correctly from outside.