Issues with setoolkit or Social-Engineer Toolkit (SET)

Following query was sent to me by Nathan about some issues with setoolkit.

Fri, Jul 24, 2015 at 1:40 PM
Name: Nathan

Comment: I need help with setoolkit. Specifically phishing and site cloning.
I did everything I should have, it works on my LAN. but when I send the link to someone outside it takes forever to load and ends up timing out for them.
Yes I have done these:
-PortForwarded port 80
-Used my external IP
-Used a URL shortener (Multiple different ones)

Things I probally should NOT have done:
-Disabled apache (Cant seem to turn it back on?)

Anyhelp would be greatly appreciated :)

Things to investigate:Query: Issues with setoolkit or Social-Engineer Toolkit (SET)

  1. What happens if you try the actual IP address instead of URL shortener? i.e. http://1.2.3.4/somepage.html ? Is your cloned site accessible from Internet at all?
  2. If apache is not running, how is your web server serving pages? service apache2 start
  3. Instead of having URL shortener forward it to your IP directly, register/use those 0.99$ domains and then do a 301/302 redirect or parked domain …

Timeout mostly points to a routing issue, Firewall or misconfigured server.

Either way, use SET responsibly. It’s a Federal Offense if used for scamming and without permission. Also, it is very easy to track someone down for such activities.

Readers, feel free to join in via the comments section.

11 comments

  1. Has SET been removed from Kali 2.0?

  2. No. Listed under Exploitation Tools

  3. Not Found

    The requested URL / was not found on this server.
    Apache/2.4.10 (Debian) Server at 192.168.1.101 Port 80

    it’s always happen to me, when I try to visit the site that I just create with SET.
    I never experienced the same problem when I use Kali Linux version 1.x.x

  4. I have the same problem as Papadopaulus Problem, and I have make sure the Apache service is running, but it keeps telling me The requested URL / was not found on this server.,
    Please Help me… :/

  5. I have found the workaround for my problem, thank you

    • Hey pronto . Seems like i have the same problem , but i couldn’t find a solution . Please can you tell me how you worked around your problem. thank you

  6. When i enter my public ip on to browser it show my broad band login page plz help….

  7. HEY can anyone help me please when i try to hack outside my local area network while cloning a fake website i just have to set my external ip address but i have forwarded my port 443 and while generating the harvester it says cloning default port 80 so how can i use my forwarded port 443 on setoolkt for hacking outside lan

  8. hi there I have an unrelated problem. I am referring to the credential harvester method. Whenever someone enters their credentials into the cloned website, the page simply refreshes, and redirects them to the actual login page of the website which I cloned. After a user enters their details, they are not taken to the expected next page, and no error is shown, it simply just redirects them to the actual login page.

    How can this be fixed? Is this inevitable and is there any way to fix this?

  9. i think you need to take in consideration that google and other browser have contermisure for such attack, for your safity it’s good that you can not redirect to the cloned website.
    maybe this is the case, have you tried with different browsers?

Leave your solution or comment to help others.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from blackMORE Ops

Subscribe now to keep reading and get access to the full archive.

Continue reading

Privacy Policy on Cookies Usage

Some services used in this site uses cookies to tailor user experience or to show ads.