View Issue Details

IDProjectCategoryView StatusLast Update
0005626Kali Linux[All Projects] Kali Package Bugpublic2019-08-15 14:07
ReporterCyBroNicAssigned Torhertzog 
PriorityurgentSeverityminorReproducibilityalways
Status closedResolutionno change required 
Product Version2019.2 
Target VersionFixed in Version 
Summary0005626: SET bug
DescriptionDear all
when i using Metasploit Browser Exploit Method and i did step by step process and i put local address and port correctly.but when comes to the final step this happen.

[*] Cloning the website: https://login.facebook.com/login.php
[*] This could take a little bit...
[*] Injecting iframes into cloned website for MSF Attack....
[*] Malicious iframe injection successful...crafting payload.

[*] Apache appears to be running, moving files into Apache's home

***************************************************
Web Server Launched. Welcome to the SET Web Attack.
***************************************************

[--] Tested on Windows, Linux, and OSX [--]
[--] Apache web server is currently in use for performance. [--]
[*] Moving payload into cloned website.
[*] The site has been moved. SET Web Server is now listening..
[*] Everything has been moved over to Apache and is ready to go.

      Press <return> to continue

when i hit enter it goes to the this page.

utilizes iframe replacements to make the highlighted URL link to appear legitimate however when clicked a window pops up then is replaced with the malicious link. You can edit the link replacement settings in the set_config if its too slow/fast.

The Multi-Attack method will add a combination of attacks through the web attack menu. For example you can utilize the Java Applet, Metasploit Browser, Credential Harvester/Tabnabbing all at once to see which is successful.

The HTA Attack method will allow you to clone a site and perform powershell injection through HTA files which can be used for Windows-based powershell exploitation through the browser.

   1) Java Applet Attack Method
   2) Metasploit Browser Exploit Method
   3) Credential Harvester Attack Method
   4) Tabnabbing Attack Method
   5) Web Jacking Attack Method
   6) Multi-Attack Web Method
   7) HTA Attack Method

  99) Return to Main Menu

set:webattack>


and i do not what is a problem for this.can you help me please?

Activities

crash

2019-08-09 13:30

reporter   ~0010845

Hi CyBroNic, It's not a Kali a bug and it's not a bug.
It's the expected behavior as far as I know.


Please refer to the tool manual

Issue History

Date Modified Username Field Change
2019-08-09 05:37 CyBroNic New Issue
2019-08-09 13:30 crash Note Added: 0010845
2019-08-15 14:07 rhertzog Assigned To => rhertzog
2019-08-15 14:07 rhertzog Status new => closed
2019-08-15 14:07 rhertzog Resolution open => no change required