social engineerToolkit

[dravok]

altri aggiornamenti? cioè non riesco ad andare avanti..

1) Social-Engineering Attacks

  2) Website Attack Vectors

1) Java Applet Attack Method

2) Site Cloner

set:webattack> Enter the url to clone:www.hotmail.it

• Cloning the website: http://www.hotmail.it
  
• This could take a little bit...
  
• Injecting Java Applet attack into the newly cloned website.
  
• Filename obfuscation complete. Payload name is: Ge5DASjEk
  
• Malicious java applet website prepped for deployment
  
  
    11) SE Toolkit Interactive Shell 
  
  set:payloads> PORT of the listener [443]:
  
• Done, moving the payload into the action.
  [-] Packing the executable and obfuscating PE file randomly, one moment.
  [-] Targetting of OSX/Linux (POSIX-based) as well. Prepping posix payload...
  
• Please note that the SETSHELL and RATTE are not compatible with the powershell injection technique. Disabling the powershell attack.
  [!] ERROR:Something is running on port 80. Seeing if it's a stale SET process...
  [!] If you want to use Apache, edit the config/set_config
  [!] Exit whatever is listening and restart SET
  
  
  Thank you for shopping at the Social-Engineer Toolkit.
  
  Hack the Gibson...and remember...hugs are worth more than handshakes.
  
  
  
  ora, levando l errore..  ma.. Thank you for shopping? 
  
  come sistemo la porta 80?
  
  
  
  
  

[Bdragon]

altri aggiornamenti? cioè non riesco ad andare avanti..

1) Social-Engineering Attacks

  2) Website Attack Vectors

1) Java Applet Attack Method

2) Site Cloner

set:webattack> Enter the url to clone:www.hotmail.it

• Cloning the website: http://www.hotmail.it
  
• This could take a little bit...
  
• Injecting Java Applet attack into the newly cloned website.
  
• Filename obfuscation complete. Payload name is: Ge5DASjEk
  
• Malicious java applet website prepped for deployment
  
  
    11) SE Toolkit Interactive Shell 
  
  set:payloads> PORT of the listener [443]:
  
• Done, moving the payload into the action.
  [-] Packing the executable and obfuscating PE file randomly, one moment.
  [-] Targetting of OSX/Linux (POSIX-based) as well. Prepping posix payload...
  
• Please note that the SETSHELL and RATTE are not compatible with the powershell injection technique. Disabling the powershell attack.
  [!] ERROR:Something is running on port 80. Seeing if it's a stale SET process...
  [!] If you want to use Apache, edit the config/set_config
  [!] Exit whatever is listening and restart SET
  
  
  Thank you for shopping at the Social-Engineer Toolkit.
  
  Hack the Gibson...and remember...hugs are worth more than handshakes.
  
  
  
  ora, levando l errore..  ma.. Thank you for shopping? 
  
  come sistemo la porta 80?
  
  
  
  
  
  

Ciao

l'errore sulla 80 (443) è dovuto probabilmente dal server web gia in running.
Hai tre possibilità:
1) Cambi porta del listener   <--- consigliato
2) Butti giù il server web  <--- non credo che potrai farlo visto che l'attacco è basato tramite server web
3) Come consigliato dall'errore modifichi le porte del server web: "If you want to use Apache, edit the config/set_config" <--- sconsigliato

Thank you for shopping  aka  Grazie per aver utilizzato SET, è un modo di dire.