Jump to content

S.e.t Not Cloning Sites Anymore


Shinigami
 Share

Recommended Posts

   1) Web Templates
   2) Site Cloner
   3) Custom Import

  99) Return to Webattack Menu

set:webattack>2
[-] Credential harvester will allow you to utilize the clone capabilities within SET
[-] to harvest credentials or parameters from a website as well as place them into a report
[-] This option is used for what IP the server will POST to.
[-] If you're using an external IP, use your external IP for this

set:webattack> IP address for the POST back in Harvester/Tabnabbing:***********

[-] SET supports both HTTP and HTTPS
[-] Example: http://www.thisisafakesite.com

set:webattack> Enter the url to clone:https://*****.com

[*] Cloning the website: https://*****.com
[*] This could take a little bit...

The best way to use this attack is if username and password form
fields are available. Regardless, this captures all POSTs on a website.
[*] I have read the above message. [*]

Press {return} to continue.
[*] Social-Engineer Toolkit Credential Harvester Attack
[*] Credential Harvester is running on port *****
[*] Information will be displayed to you as it arrives below:

localhost - - [29/Jun/2012 13:39:44] "GET / HTTP/1.1" 200 -

Problem is, the CLONED_SITE is BLANK. Locating the INDEX.HTML file in the WEB_CLONE folder, its BLANK.

I'm not sure why this is happening. It worked perfect until yesterday. I deleted the PROGRAM_JUNK data, also reloaded an old Snapshot of SET, and I still have this issue. It DOES connects to the internet to clone the specified Site, but the cloned_site is just EMPTY/BLANK.

I did try plenty of other sites to clone. They all take a while in cloning from the Internet, and smoothly proceeds with listening to incoming connections, but the Index is empty. Could it be a bug in the Update?

Link to comment
Share on other sites

Try doing an update on SET, to see if that fixes the problem.

Link to comment
Share on other sites

I personally found the SET credential harvesting pages to be quite buggy. If you're trying to harvest credentials, I reccomend using the PHP method. The same method they use on the pineapple, but instead of httpd, use apache2 and instead of a pineapple use a server. You can read all about it in the pineapple tutorials.

Link to comment
Share on other sites

It dosent work bro.. any other solution ? same problem here..

Thanks.

Might want to check, if SET is not saving the files into another directory.

Link to comment
Share on other sites

Might want to check, if SET is not saving the files into another directory.

ok it got its saved on root directory of apache.. sorry for earlier reply..

ok its created on root directory of apache..

root@bt:~# cd //var/www

root@bt://var/www# ls

eOnplnL index.html nix.bin wstool yqCp6VAwWcLZJx

exW2xtOjnmUc mac.bin oeaXoGX2WlBuc x.exe

HKDdwwdPqM9Tm msf.exe Signed_Update.jar yGATokQUkcUHvUE

--------------------------------------------------------------------------------------------

Edited by skorpinok
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...