Jump to content

Recommended Posts

Posted (edited)

Hi,

I've used the setoolkit before to harvest login crednentials using fake login pages and it's worked well. However I've just tried to set one up on a new Kali box and the page is created successfully however when I click login I'm presented with the contents of the post.php file and when I open the harvester log file there are no credentials saved.

Has anyone else had this problem and can anyone help me fix this issue.

Thanks

Edited by ukdude13
Posted

Make sure that PHP is installed, started and Apache is started as well. Being served an actual php file and not the rendered page is usually a sign of no running web server.

Posted

Hi,

I've used the setoolkit before to harvest login crednentials using fake login pages and it's worked well. However I've just tried to set one up on a new Kali box and the page is created successfully however when I click login I'm presented with the contents of the post.php file and when I open the harvester log file there are no credentials saved.

Has anyone else had this problem and can anyone help me fix this issue.

Thanks

Your apache isn't set up to interpret php. Look at its config and make sure mod_php is enabled.

Posted

Thanks cooper, had to run apt-get install libapache2-mod-php5. So I don't get the php file showing now, but the credentials are still not captured. Any advice on that?

Thanks

Posted

Is this your own PHP form and apache working to begin with? Do a simple test first, then inspect what you are serving in the SET payload to be sure what its output should be.

Simple php form example you can try locally first:

​​​​​
<form method="post" action="" >
<input id="input1" type="text" name="MyValue" value="" / >
<input type="submit" value="Capture Info" />

<?php

if(isset($_POST['MyValue'])) {
file_put_contents(dirname(__FILE__)."/mycapturedinfo.txt",htmlspecialchars($_POST['MyValue'] ,ENT_QUOTES | 'ENT_HTML401','UTF-8')."\r\n", LOCK_EX | FILE_APPEND);
// Write contents to file in current directory ^file ^sanitize the input - never hurts ^new line ^don't ovrerwrite file, but append it
}
?> 
Posted

Another quick question relating to this. I'm trying to set up a page on my Kali machine and then transfer the files to a Linux web server. When I make the files I've put the web servers IP address as the post back address but when I transfer the files over the credentials are captured. Does the credential harvester page only work on the machine you create it on or can you transfer the file to another machine?

Posted

I forget' but now days you have to enable the php file extensions *.php in the conf file

If you're using Kali, start Apache and you're all set to go. Both apache adn php is setup already, just Apache is not started on boot.

apachectl start

Then change your test files in /var/www/html/

Be sure to rename or move index.html if you create an index.php. Can't remember if it's set to go to PHP first or HTML(depends on setup, but should default to PHP first, although you can view both), but just in case the html file is seen by default.

Posted

Another quick question relating to this. I'm trying to set up a page on my Kali machine and then transfer the files to a Linux web server. When I make the files I've put the web servers IP address as the post back address but when I transfer the files over the credentials are captured. Does the credential harvester page only work on the machine you create it on or can you transfer the file to another machine?

I haven't looked at how the credential harvester is setup, but I'm sure you can redirect form data to post to any internal and external page to receive the data. If on someone else's LAN, you might want to save locally and pass it up some other server over encrypted channels or your info can be seen going outbound from the victims network if sent as a plain post of data.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...