Author Topic: SEToolkit cloned website works over internet, but does not harvest credentials. (Read 796 times)

nvrmoar · « **on:** November 21, 2015, 05:08:20 pm »

I've been toying around with SEToolkit over the weekend and everything works properly on the LAN: the cloned page redirects the victim to the real page and stores credentials in a text file in /var/www/html/. However, when I set port forwarding on my router to go to the cloned page from the internet, something weird happens. I can view the page, but once I input credentials and submit, the page just hangs. It doesn't redirect me to the real page, nor does it store anything in the credentials file.

I've searched for a solution but haven't encountered any posts with the same problem as me. Has anyone experienced this before? Any help would be much appreciated. Thanks!

iTpHo3NiX · « **Reply #1 on:** November 21, 2015, 08:59:07 pm »

Sounds like a permissions error, do you have the credentials file with the permissions 777? If that doesn't work, be sure to enable error logging and post up the error_log and the source page so we can check where the error is coming from

nvrmoar · « **Reply #2 on:** November 22, 2015, 12:18:52 pm »

Hi, thanks for your reply. A guy on StackExchange suggested that the "action = [address]" was not set to the public facing IP. This did end up fixing the issue. I was under the impression that in SET I would put the local IP of the Apache server, port forward said IP on the router, and the router would take port 80 requests to the local IP of the Apache server.

Anyway, while we're on topic there is another question that i have. So, after I got everything working normally on the public side, I thought I'd introduce ddns to the picture to deal with the dynamic public IP. The same issue as in OP arises once I set action= ____.ddns.net. I have the DNS Update Client software running on my computer to update the public IP associated with my ddns.net domain. Once again, the page works, but once the submission is made the website hangs and the credentials do not get logged.

Shouldn't action='http://____.ddns.net'... be same as action='public_ip' ? Not sure what I am doing wrong, but again, any help would be appreciated

--EDIT--

I should also mention that I have set permissions to the credentials file to 777

inability · « **Reply #3 on:** November 22, 2015, 12:24:33 pm »

Quote from: nvrmoar on November 22, 2015, 12:18:52 pm

Shouldn't action='http://____.ddns.net'... be same as action='public_ip' ? Not sure what I am doing wrong, but again, any help would be appreciated

Wait, did you actually put "http://" in the config? I'm pretty sure only the hostname goes in there, so no scheme is present.

nvrmoar · « **Reply #4 on:** November 22, 2015, 12:42:00 pm »

Quote from: inability on November 22, 2015, 12:24:33 pm

Wait, did you actually put "http://" in the config? I'm pretty sure only the hostname goes in there, so no scheme is present.

This was the solution to my problem. I removed the http:// and it fixed it. Much to learn I have. Thanks for your help!

EvilZone

News:

Author Topic: SEToolkit cloned website works over internet, but does not harvest credentials. (Read 796 times)

nvrmoar

SEToolkit cloned website works over internet, but does not harvest credentials.

iTpHo3NiX

Re: SEToolkit cloned website works over internet, but does not harvest credentials.

nvrmoar

Re: SEToolkit cloned website works over internet, but does not harvest credentials.

inability

Re: SEToolkit cloned website works over internet, but does not harvest credentials.

nvrmoar

Re: SEToolkit cloned website works over internet, but does not harvest credentials.