ukdude13 Posted December 9, 2015 (edited)
Hi, I've used the setoolkit before to harvest login credentials using fake login pages and it's worked well. However, I've just tried to set one up on a new Kali box and the page is created successfully, but when I click login I'm presented with the contents of the post.php file, and when I open the harvester log file there are no credentials saved. Has anyone else had this problem, and can anyone help me fix this issue? Thanks
Mr-Protocol Posted December 10, 2015
Make sure you updated the tools. I know SET gets updated pretty frequently.
digip Posted December 10, 2015
Make sure that PHP is installed, started and Apache is started as well. Being served an actual php file and not the rendered page is usually a sign of no running web server.
ukdude13 Posted December 10, 2015
Yeah, the setoolkit is all up to date, and I've installed php and it's still not working.
cooper Posted December 10, 2015
> Hi, I've used the setoolkit before to harvest login credentials using fake login pages and it's worked well. However, I've just tried to set one up on a new Kali box and the page is created successfully, but when I click login I'm presented with the contents of the post.php file, and when I open the harvester log file there are no credentials saved. Has anyone else had this problem, and can anyone help me fix this issue? Thanks

Your apache isn't set up to interpret php. Look at its config and make sure mod_php is enabled.
ukdude13 Posted December 10, 2015
Thanks cooper, had to run apt-get install libapache2-mod-php5. So I don't get the php file showing now, but the credentials are still not captured. Any advice on that? Thanks
digip Posted December 12, 2015
Is this your own PHP form and apache working to begin with? Do a simple test first, then inspect what you are serving in the SET payload to be sure what its output should be. Simple php form example you can try locally first:

```php
<form method="post" action="">
  <input id="input1" type="text" name="MyValue" value="" />
  <input type="submit" value="Capture Info" />
</form>
<?php
if (isset($_POST['MyValue'])) {
    // Write contents to file in current directory.
    // Arguments: the file, the sanitized input (never hurts) plus a new line,
    // and flags so the file is appended to, not overwritten.
    file_put_contents(
        dirname(__FILE__) . "/mycapturedinfo.txt",
        htmlspecialchars($_POST['MyValue'], ENT_QUOTES | ENT_HTML401, 'UTF-8') . "\r\n",
        LOCK_EX | FILE_APPEND
    );
}
?>
```
i8igmac Posted December 14, 2015
I forget, but nowadays you have to enable the php file extensions *.php in the conf file
ukdude13 Posted December 14, 2015
Another quick question relating to this. I'm trying to set up a page on my Kali machine and then transfer the files to a Linux web server. When I make the files I've put the web server's IP address as the post back address but when I transfer the files over the credentials are captured. Does the credential harvester page only work on the machine you create it on or can you transfer the file to another machine?
digip Posted December 14, 2015
> I forget, but nowadays you have to enable the php file extensions *.php in the conf file

If you're using Kali, start Apache and you're all set to go. Both apache and php are set up already, just Apache is not started on boot.

```
apachectl start
```

Then change your test files in /var/www/html/. Be sure to rename or move index.html if you create an index.php. Can't remember if it's set to go to PHP first or HTML (depends on setup, but should default to PHP first, although you can view both), but just in case the html file is seen by default.
digip Posted December 14, 2015
> Another quick question relating to this. I'm trying to set up a page on my Kali machine and then transfer the files to a Linux web server. When I make the files I've put the web server's IP address as the post back address but when I transfer the files over the credentials are captured. Does the credential harvester page only work on the machine you create it on or can you transfer the file to another machine?

I haven't looked at how the credential harvester is set up, but I'm sure you can redirect form data to post to any internal and external page to receive the data. If on someone else's LAN, you might want to save locally and pass it up some other server over encrypted channels or your info can be seen going outbound from the victim's network if sent as a plain post of data.
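
The last reply notes that a plain form POST is visible leaving the network; as an added example (not part of the thread, and not code from SET), this is the kind of egress check a defender can run over captured plaintext HTTP requests to spot it. The field-name list, the function names and the sample traffic are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import parse_qs

# Field names treated as credential-like (assumed list; tune per environment).
CRED_FIELDS = {"password", "passwd", "pass", "pwd", "login", "username", "user", "email"}
# RFC 1918 ranges treated as internal destinations.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_request(raw):
    """Split a raw HTTP/1.x request into (method, path, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, path, _version = lines[0].split(" ", 2)  # ValueError if malformed
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers, body

def flag_credential_posts(captures):
    """Flag form POSTs to non-internal hosts that carry credential-like fields."""
    findings = []
    for dst_ip, raw in captures:
        try:
            method, path, headers, body = parse_request(raw)
        except ValueError:
            continue  # not a parseable HTTP request
        ctype = headers.get("content-type", "")
        if method != "POST" or not ctype.startswith("application/x-www-form-urlencoded"):
            continue
        if any(ipaddress.ip_address(dst_ip) in net for net in INTERNAL):
            continue  # internal destination, out of scope for the egress check
        fields = parse_qs(body.decode("iso-8859-1"), keep_blank_values=True)
        hits = sorted(k for k in fields if k.lower() in CRED_FIELDS)
        if hits:
            # Report field names only; never copy submitted values into the alert.
            findings.append({"dst": dst_ip, "path": path, "fields": hits})
    return findings

# Constructed sample traffic (documentation address ranges, made-up values).
SAMPLE = [
    ("203.0.113.10", b"POST /post.php HTTP/1.1\r\nHost: 203.0.113.10\r\n"
     b"Content-Type: application/x-www-form-urlencoded\r\n\r\nemail=a%40example.com&pass=x"),
    ("192.168.1.5", b"POST /login HTTP/1.1\r\nHost: intranet\r\n"
     b"Content-Type: application/x-www-form-urlencoded\r\n\r\nusername=a&password=b"),
    ("198.51.100.7", b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    ("198.51.100.7", b"POST /search HTTP/1.1\r\nHost: example.org\r\n"
     b"Content-Type: application/x-www-form-urlencoded\r\n\r\nq=kali"),
]
```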