Results 1 to 6 of 6

Thread: SET credential harvester (external)

  1. #1
    Senior Member
    Join Date
    Jan 2011
    Location
    over the under
    Posts
    197

    Default SET credential harvester (external)

    hey guys,

    I'm trying to test a cred. harvester attack externally. I'm testing from my desktop connected to my private network to my laptop which is connected to an unsecured network. my ports are forwarded, when i dial up my external ip address on the victim side it directs me to my cloned site but when i type in credentials and hit enter it just hangs, then tells me its taking too long to respond.On the attacker side under SET it says code 404 message file not found GET /JAVA/CLASS.CLASS HTTP/1.1 I've tried switching the ports in config/set_config from the default port 80 to port 4444 and still the same result. can anyone see what im doing wrong here?

    any and all help is greatly appreciated, thank you!

  2. #2
    Senior Member iproute's Avatar
    Join Date
    Jan 2010
    Location
    Midwest, USA
    Posts
    192

    Default Re: SET credential harvester (external)

    Are credentials successfully obtained when browsing to the malicious site from LAN? When using this attack vector, typically I do not modify anything in set_config. Server port should definitely be left to 80. Get this working locally fist, then to get it working externally, all you would need to do then is forward the port, and nothing more. With this particular attack, there is little difference between external and internal.

  3. #3
    Senior Member
    Join Date
    Jan 2011
    Location
    over the under
    Posts
    197

    Default Re: SET credential harvester (external)

    yeah i have it working perfectly locally im gonna try everything set to default once more. thanks again for the reply and advice iproute!

  4. #4
    Senior Member iproute's Avatar
    Join Date
    Jan 2010
    Location
    Midwest, USA
    Posts
    192

    Default Re: SET credential harvester (external)

    Also, typically were I to perform this attack, I like to set up the malicious webserver at home (backtrack server if you will) of cloned site, then with mobile backtrack machine, arp poison with dns spoof or by some other means redirect pentest client workstation to malicious server with my mobile machine. I've found that seperating these function helps the attack to succeed.

  5. #5
    Senior Member
    Join Date
    Jan 2011
    Location
    over the under
    Posts
    197

    Default Re: SET credential harvester (external)

    ok so i think my problem may lie with my port forwarding... in my router settings it gives me two choices for my web server ports.
    1. public port
    2. private port

    when i have both set to 80 and i dial up my external ip address on the victim side it hangs and says connection has timed out the server is taking too long to respond...

    when i have public port set to 8888 and private set to 80 everything works excellent from bringing up my page to redirecting me to the legitimate site which is great but i still don't capture any credentials when i type them in on the victim side.

    i have tried many configurations including running the server on my internal ip and external ip and having both ports set to 80 and also having private at 80 and public at 8888... still no luck

    as always any help is greatly appreciated!

    thank you

  6. #6
    Senior Member
    Join Date
    Jan 2011
    Location
    over the under
    Posts
    197

    Default Solved

    My port 80 is being blocked by my isp... man those guys are COX lol

Similar Threads

  1. Replies: 9
    Last Post: 03-12-2011, 10:46 AM
  2. Replies: 6
    Last Post: 08-19-2010, 02:10 PM
  3. Replies: 0
    Last Post: 06-16-2010, 08:31 PM
  4. Keimpx - SMB Credential Testing
    By djjacket in forum Tool Requests
    Replies: 1
    Last Post: 03-16-2010, 11:53 AM
  5. Wireless Key Harvester --- including video
    By hm2075 in forum OLD Wireless
    Replies: 20
    Last Post: 11-26-2009, 11:53 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •