Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error while using website cloning tool #289

Closed
codejunkes opened this issue Sep 11, 2016 · 60 comments
Closed

Error while using website cloning tool #289

codejunkes opened this issue Sep 11, 2016 · 60 comments

Comments

@codejunkes
Copy link

@codejunkes codejunkes commented Sep 11, 2016

Error message:

Something went wrong, printing the error: zipimporter() argument 1 must be string, not function

Actions taken: setoolkit > Social-Engineering Attacks > Website Attack Vectors > Credential Harvester Attack Method > Web Template or Site Cloner .... gives this error

OS: Kali Linux 2.0 : kernel: 4.6.0-kali1-amd64

Python3 version: Python 3.5.2+
Python version: Python 2.7.12+

@L1ghtn1ng
Copy link
Contributor

@L1ghtn1ng L1ghtn1ng commented Sep 11, 2016

It looks like you are not using kali rolling, please make sure you are and have an up to date system and see if you get the same issue

@codejunkes
Copy link
Author

@codejunkes codejunkes commented Sep 11, 2016

Yes I am using kali rolling i.e. "deb http://http.kali.org/kali kali-rolling main contrib non-free"

I also git clone and install social-engineer-toolkit, but still the problem exist.

I think it is a problem with "en_US.UTF-8" encoding and zipimporter() function.

@userdsp
Copy link

@userdsp userdsp commented Sep 12, 2016

Same here! Everything its up to date!

[*] This could take a little bit...
[!] Something went wrong, printing the error: zipimporter() argument 1 must be string, not function

@gearcapitan
Copy link

@gearcapitan gearcapitan commented Sep 13, 2016

how to fix this error?????

@cicadian314
Copy link

@cicadian314 cicadian314 commented Sep 13, 2016

Same problem, with a fresh installation on Debian stretch

[*] This could take a little bit...
[!] Something went wrong, printing the error: zipimporter() argument 1 must be string, not function

@blackace306
Copy link

@blackace306 blackace306 commented Sep 13, 2016

I have the same issue. Kali live is fine. And it works on a fresh install up until I run apt-get upgrade. Any ideas?

@gearcapitan
Copy link

@gearcapitan gearcapitan commented Sep 13, 2016

may not be setoolkit problem should be an update as such linux affecting the operation. and try to copy the archvios the set kali kali live my usual but neither works, nor reinstall is dristro problem as such

@blackace306
Copy link

@blackace306 blackace306 commented Sep 13, 2016

I think it might be a problem with a new python update. I noticed a lot of python apps being upgraded when I run the upgrade. I think python updated its language and setoolkit has yet to catch up. I'm just not gonna run the upgrade until I find another solution.

@blackace306
Copy link

@blackace306 blackace306 commented Sep 13, 2016

It seems to be a fairly new issue as I cannot find anything else on it.

@blackace306
Copy link

@blackace306 blackace306 commented Sep 13, 2016

All I can think of is I just reinstalled Kali and will try to exclude all Python upgrades if I run the upgrade at all. Any other ideas are greatly appreciated though.

@hasrants
Copy link

@hasrants hasrants commented Sep 14, 2016

same issue here. running kali full on rasbery pi 3. was working fine up until i tried using setoolkit again a few days ago. I normally do update/upgrade/dis-upgrade daily to keep kali current.

@CamelToeJoe
Copy link

@CamelToeJoe CamelToeJoe commented Sep 14, 2016

Same issue here on my laptop and Raspi. Just upgraded both.

@gearcapitan
Copy link

@gearcapitan gearcapitan commented Sep 14, 2016

996a28823cb906784cfa3c12889d72f5
please!!! any solution?

@ghost
Copy link
Collaborator

@ghost ghost commented Sep 14, 2016

What version of SET is this? Unfortunately, this may be a Kali specific issue (still investigating) as it works fine on Ubuntu and Debian.
screen shot 2016-09-14 at 3 28 29 pm
.

@ghost
Copy link
Collaborator

@ghost ghost commented Sep 14, 2016

I don't even use zipimporter for anything....

@ghost
Copy link
Collaborator

@ghost ghost commented Sep 14, 2016

If someone can go and edit setoolkit and turn off error handling so I can see which line might be flagging, that would be super helpful.

In Kali, I think SET is located under /etc/setoolkit or /etc/set.

Go to that,

vi or nano setoolkit

On the very last lines where it has except Exception, comment all of that out like this:

handle exceptions

##except Exception as error:

core.log(error)

print("\n\n[!] Something went wrong, printing the error: " + str(error))

Save and exit, then re-run and give me the full error message.

@gearcapitan
Copy link

@gearcapitan gearcapitan commented Sep 14, 2016

ff37b80d21b352b3d7c967dbc14f8401
╭──[root Hacked by Gear in ~ process!]
╰──○ uname -a
Linux Gear 4.6.0-kali1-amd64 #1 SMP Debian 4.6.4-1kali1 (2016-07-21) x86_64 GNU/Linux

how to delete zipimporter o how to fix? :'(

@CamelToeJoe
Copy link

@CamelToeJoe CamelToeJoe commented Sep 14, 2016

Traceback (most recent call last):
File "./setoolkit", line 243, in
import src.core.set
File "/usr/share/set/src/core/set.py", line 473, in
import harvester
File "/usr/share/set/src/webattack/harvester/harvester.py", line 47, in
from OpenSSL import SSL
File "/usr/lib/python2.7/dist-packages/OpenSSL/init.py", line 8, in
from OpenSSL import rand, crypto, SSL
File "/usr/lib/python2.7/dist-packages/OpenSSL/crypto.py", line 13, in
from cryptography.hazmat.backends.openssl.backend import backend
File "/usr/lib/python2.7/dist-packages/cryptography/hazmat/backends/init.py", line 7, in
import pkg_resources
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 2976, in
@_call_aside
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 2962, in _call_aside
f(_args, *_kwargs)
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 2989, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 651, in _build_master
ws = cls()
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 644, in init
self.add_entry(entry)
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 700, in add_entry
for dist in find_distributions(entry, True):
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 1931, in find_distributions
importer = get_importer(path_item)
File "/usr/lib/python2.7/pkgutil.py", line 384, in get_importer
importer = path_hook(path_item)
TypeError: zipimporter() argument 1 must be string, not function

@ghost
Copy link
Collaborator

@ghost ghost commented Sep 14, 2016

Thanks, can you edit line 46 under src/webattack/harvester/harvester.py and comment out:

# detect openssl module
_#_try:
# from OpenSSL import SSL
# handle import error that openssl is not there
# except ImportError:
# print("Python OpenSSL wasn't detected, note that SSL compatibility is now turned off")

@gearcapitan
Copy link

@gearcapitan gearcapitan commented Sep 14, 2016

kali 2016-2016-09-14-15-02-44

:'(

@CamelToeJoe
Copy link

@CamelToeJoe CamelToeJoe commented Sep 14, 2016

Working now... will this get updated or will I need to go through all my machines and manually comment out the lines?

@Andimaxgt
Copy link

@Andimaxgt Andimaxgt commented Sep 14, 2016

Btw ,which scripting software are you using ,@gearcaptain ?looks nice

@PandoraSec
Copy link

@PandoraSec PandoraSec commented Sep 14, 2016

screenshot from 2016-09-14 14-23-10
i comment out the line and works for me, thanks 💃

@ghost
Copy link
Collaborator

@ghost ghost commented Sep 14, 2016

okay, sec I'll get it pushed - looks like maybe a bug in the openssl version in Kali, but I can handle the errors better.

@ghost
Copy link
Collaborator

@ghost ghost commented Sep 14, 2016

Please note that I've pushed 7.3.13 to address this issue and is tagged. It should be picked up by Kali rolling updates shortly. In the meantime if you are using the git repositories its immediately available.

Thanks for the assistance folks.

@trustedsec trustedsec closed this Sep 14, 2016
@cicadian314
Copy link

@cicadian314 cicadian314 commented Sep 15, 2016

Solved on Debian stretch commenting those lines

@aneopsy
Copy link

@aneopsy aneopsy commented Sep 16, 2016

Great Captain

@berryrare
Copy link

@berryrare berryrare commented Oct 7, 2016

Commenting out those lines worked for me too.. Thank you trustedsec

@saichand1716
Copy link

@saichand1716 saichand1716 commented Mar 22, 2017

I've tried everything but at last, i'm ending with the same issue.
hope someone gives a solution.
thank you.

@himshukla007
Copy link

@himshukla007 himshukla007 commented Mar 23, 2017

@miao-o
Copy link

@miao-o miao-o commented Apr 8, 2017

I have the same problem in the new kali linux, how to fix it

@himshukla007
Copy link

@himshukla007 himshukla007 commented Apr 12, 2017

@vipkiyo
Copy link

@vipkiyo vipkiyo commented Apr 14, 2017

screenshot from 2017-04-15 02-29-53
screenshot from 2017-04-15 02-31-33

i commented out the 2 "print" after the line of "except"

did this solve the problem or it just ommitted the lines that we should see during the attack?

Newbie here. please respect.

@gashonie
Copy link

@gashonie gashonie commented Apr 30, 2017

Same problem here, any solutions for this ?

@theblackturtle
Copy link

@theblackturtle theblackturtle commented May 2, 2017

image
I tried but cant solve this problem. Anyone help me. This error happen on all Kali linux 2017.1 version.

@Eyegabry99
Copy link

@Eyegabry99 Eyegabry99 commented May 2, 2017

i have the same problem and comment the line doesn't work on me. Please someone can help me?

@arismelachroinos
Copy link

@arismelachroinos arismelachroinos commented May 3, 2017

me too

@Kaliuser99
Copy link

@Kaliuser99 Kaliuser99 commented May 8, 2017

I found that there arent any .pem files in my files...nothing..any solution?

@Kaliuser99
Copy link

@Kaliuser99 Kaliuser99 commented May 8, 2017

The solution would be having those .pem files...i tried searching the set.config for pem and the location mentioned in it doesnt contain any pem files....maybe try changing location

@ATOPJC
Copy link

@ATOPJC ATOPJC commented May 12, 2017

Try updating it with PTF (pentesters framework) if there is a new version available

@Kaliuser99
Copy link

@Kaliuser99 Kaliuser99 commented May 12, 2017

@mrmurtaza
Copy link

@mrmurtaza mrmurtaza commented Aug 15, 2017

try it mine fixed.....
https://youtu.be/azG3pzNDSog

@sriniv398
Copy link

@sriniv398 sriniv398 commented Sep 18, 2017

i tired to throu wan credential harvest when cloning website result error:501 not implemented. but lan its works. pls help me

@sriniv398
Copy link

@sriniv398 sriniv398 commented Sep 18, 2017

kali linux 2017.1 social engineering toolkit credential harvester not working in wan "error:501 not implemented" pls help me

@Kaliuser99
Copy link

@Kaliuser99 Kaliuser99 commented Sep 19, 2017

@sriniv398
Copy link

@sriniv398 sriniv398 commented Sep 21, 2017

yeah i tried all steps above but no use pls help me bro

@sriniv398
Copy link

@sriniv398 sriniv398 commented Sep 21, 2017

When i cloning result is below:

[] WE GOT A HIT! Printing the output:
POSSIBLE USERNAME FIELD FOUND: __user=0
PARAM: __a=1
PARAM: __dyn=7AzHK4GgO649UrJxm2q3miWGey8jrWo466EeVE98nwgUb8aUgxebmEy3eF98qDKaxeUW2y7E4ium2S4o98b8uz8bo5S9J0Px61Bxqq2l0WwCw9a0FopCK6oc9oy6o5-fwByUa8lUoK1fze6E-3C78-5E-dg
PARAM: __af=h0
PARAM: __req=1
PARAM: __be=-1
PARAM: __pc=PHASED:DEFAULT
PARAM: __rev=3314701
PARAM: lsd=AVrr17tz
[
] WHEN YOU'RE FINISHED, HIT CONTROL-C TO GENERATE A REPORT.

@himuura
Copy link

@himuura himuura commented Oct 3, 2017

i don't know if it is related but i'm having a few issues with the cloner as well...whenever the site i'm cloning has special characters like " Ç " or " ó " the cloned result does not replicate those characters, they instead appear as % ou ~ . Anyone knows how to configure the correct charset?

@1598w
Copy link

@1598w 1598w commented Nov 3, 2017

so when apache is on on set.config that s what i get

  • [*] Cloning the website: https://login.........................

[] This could take a little bit...
The best way to use this attack is if username and password form
fields are available. Regardless, this captures all POSTs on a website.
[
] Apache is set to ON - everything will be placed in your web root directory of apache.
[] Files will be written out to the root directory of apache.
[
] ALL files are within your Apache directory since you specified it to ON.
Apache webserver is set to ON. Copying over PHP file to the website.
Please note that all output from the harvester will be found under apache_dir/harvester_date.txt
Feel free to customize post.php in the /var/www/html directory
[] All files have been copied to /var/www/html
[
] SET is now listening for incoming credentials. You can control-c out of this and completely exit SET at anytime and still keep the attack going.
[] All files are located under the Apache web root directory: /var/www/html
[
] All fields captures will be displayed below.
[Credential Harvester is now listening below...]
and when i am trying to put somme username and password i dont receivet and the harvester file is Empty

and when apache is off on set.config that s what i get

  • [*] Cloning the website: https://login........................................

[] This could take a little bit...
The best way to use this attack is if username and password form
fields are available. Regardless, this captures all POSTs on a website.
[
] The Social-Engineer Toolkit Credential Harvester Attack
[] Credential Harvester is running on port 80
[
] Information will be displayed to you as it arrives below:
[*] Looks like the web_server can't bind to 80. Are you running Apache or NGINX?
Do you want to attempt to disable Apache? [y/n]:
how can i solve this probléme ?????????????????????

@lucky798a
Copy link

@lucky798a lucky798a commented Jun 20, 2018

setoolkit

You may need to copy /var/www/* into /var/www/html depending on where your directory structure is. Press {return} if you understand what we're saying here.

honesytly dont understand this. can anyone help me with this pls respect

@YaroslavBF
Copy link

@YaroslavBF YaroslavBF commented Jun 20, 2018

all have problem with clone website! why author don't fix it?

@YaroslavBF
Copy link

@YaroslavBF YaroslavBF commented Jun 20, 2018

1>2>3>2 :
[-] Credential harvester will allow you to utilize the clone capabilities within SET
[-] to harvest credentials or parameters from a website as well as place them into a report

[!] Something went wrong, printing the error: [Errno 2] No such file or directory: '/etc/setoolkit/set.config'

@Kaliuser99
Copy link

@Kaliuser99 Kaliuser99 commented Jun 20, 2018

@mehdimers
Copy link

@mehdimers mehdimers commented Dec 15, 2018

setoolkit

You may need to copy /var/www/* into /var/www/html depending on where your directory structure is. Press {return} if you understand what we're saying here.

@testerfr810
Copy link

@testerfr810 testerfr810 commented Jan 10, 2019

setoolkit

You may need to copy /var/www/* into /var/www/html depending on where your directory structure is. Press {return} if you understand what we're saying here.

Same problem no issue pls ??????????

ty

@zly-123
Copy link

@zly-123 zly-123 commented Jan 11, 2020

为什么我连var/www都没有

@zly-123
Copy link

@zly-123 zly-123 commented Jan 11, 2020

image
为什么我的不显示密码和账号只有数据

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet