• http://careerport.blogspot.com bhushan

    can we used that attack out side a network or LAN ? and if possible please give tutorials

    • http://www.vishnuvalentino.com v4L

      of course it’s possible :-) you should have vps(virtual private server) or your own server that directly have an ip public..
      requirement : ssh (really useful)
      the rest tutorial is the same like above :-)
      but before you implementing it I think you should learn more about tunneling and anonymizing… :-) (I still haven’t write the tutorial :p LoL)

  • Prince

    It seeks for an IP address after choosing the Web Template. What are we supposed to put there? Our own IP, or Google's IP or the Vic's IP?

    • http://www.vishnuvalentino.com v4L

      I’m still can’t get your question..after choosing web template you just choose the type of browser exploit you want to use..or if you still confuse, maybe you can write down here your question that written in your Backtrack console.

      • SomeGuy

        On the newest backtrack before asking you for the website, it asks for an IP for the POST back or whatever you are trying to do. I tried using my own, but it didn’t work. I am on Backtrack 5r3

  • Pingback: SPI Port Forward / Redirection for Windows to Another Port / IP Address | Vishnu Valentino Hacking Tutorial, Tips and Trick()

  • Milindu

    Please I need detailed information about configuring the cloned website to be hosted on a public address.. when i Use my public address along with the port it uses. still the redirection does not happen  from WAN. 

  • sadi770

    i am not able to do that,  after the 4th step it says "your interface ip adress", there i enter the victims ip adress . after all these steps when i open from victims computers it opens the desired page but dont show any progress in backtrack, as it says"no active sessions.
    please help me out as soon as possible.

    • http://www.vishnuvalentino.com v4L

      In this kind of attack you don’t need to input victim ip.

  • http://www.smashingtricks.com/ shubham

    Gr8 article..

  • Looph.Crack

    Im really new to this. Just want to verify though. If I do social engineering with the target for example and then i get to send her an email with a pdf file (ofcourse, from SET). After she downloads and open the pdf file on her PC it would execute the payload thus allowing me to get a session with that PC. Question, will i be able to do that on a remote pc? e.g. Target pc is on a different network. I really do need your help. I really want to learn more about this type of attack. Thanks much in advance

  • niru

    This attack is captured as an exploit by avast. how to byepass the Anti virus protection.. tried shikita encoder. but it throws some error!

  • lasha

    i do everything right, but now can you help me, how can i download files from target machine in my PC?


  • kailash

    sorry.metasploit is not found. like error is coming in socila engineering kit..please solve this….

    • http://www.vishnuvalentino.com v4L

      I don’t understand your question???

  • Ordinary Guy

    when i select “website attack vectors” i receive a message saying that Metasploit was not found, like if it isn’t installed, but this feature is supposed to be already installed, alright?

    extra info: i use backtrack 5 R2

    Thanks my friend (:

    • http://www.vishnuvalentino.com v4L

      Yes it should be installed there by default. maybe you can try to update your system by run apt-get update and apt-get upgrade to check the latest version..

  • malik

    i am using ur tutorial 4 back track 5.em getting problem in port to connect.where is to take that port e.g u take 4444 but its not working on my side.what should i do now ?

    • http://www.vishnuvalentino.com v4L

      then you can change it to other port number, maybe that port has been used.

  • lasha

    thanks for ur response. now i’m interested how can i connect to that notepad.exe file later, after i shutdown or restart my computer? i must run that server again and give him url? :)

    Read more : http://www./hacking-tutorial/15-step-to-hacking-windows-using-social-engineering-toolkit-and-backtrack-5/

  • Fullmetal

    Please help me … i done everything with my router to forward ports but not a single port is forwarding in my router .. i tried disabling the firewall antiviruses … everything .. in my router page the port is forwarded but still when i check whether my port is open or not (on this site : yougetsignal.com) it says it is CLOSED …

    Please Help i cant do anything without port forwarding :( :( :(

    • http://www.vishnuvalentino.com v4L

      maybe your connection isn’t using a public ip address; you can check did you use public or private IP address.
      or maybe your network topology looks like this :


      if your topology like that, you need to also forward the port on “ISP ROUTER WITH PUBLIC IP”.

      • Fullmetal

        and how do i do that ? ( port forward on ISP router ) ???

        • http://www.vishnuvalentino.com v4L

          absolutely “you can’t”; except you can ask your isp admin to open some port in it :)

  • Fullmetal

    Hey thanks now i m able to do cloning over LAN … but how can i do it outside LAN … plz tell me i tried many things but when i give my external IP to victim … that will open my router’s page on victim PC :( :( :( …. HELP HELP HELP

  • Vignesh

    For all SET attacks, I get following type of errors. Pls help.

    File “./set”, line 19, in
    from src.core.set import *
    File “/pentest/exploits/set/src/core/set.py”, line 959, in
    import wifiattack
    File “src/wireless/wifiattack.py”, line 171, in
    child2 = pexpect.spawn(“dhcpd3 -q -cf src/program_junk/dhcp.conf -pf /var/run/dhcp3-server/dhcpd.pid at0″)
    File “/usr/lib/python2.6/dist-packages/pexpect.py”, line 429, in __init__
    self._spawn (command, args)
    File “/usr/lib/python2.6/dist-packages/pexpect.py”, line 516, in _spawn
    raise ExceptionPexpect (‘The command was not found or was not executable: %s.’ % self.command)

  • Alex

    Can you help me on this error?
    I can not solve. please help me
    I tried to make this tutorial but could not.
    appears so
    root @ root: / Pentest / exploits / set
    I then put
    root @ root: / Pentest / exploits / set #. SET
    Traceback (most recent call last)
    file. “set”, line 61, in module
    setcore.GetVersion defines _version = ()
    AttributeError: ‘module’ object has no attribute ‘GetVersion’
    What do I do?

    • http://www.vishnuvalentino.com v4L

      sorry I can’t answer it, maybe others here?

  • Codex

    I think the web files should be stored somewhere on the PC. How do we access it?

  • kenta


    hi.when started to open ./set its shows like this please help me

    root@bt:/pentest/exploits/set# ./set
    bash: ./set: No such file or directory

    • http://www.vishnuvalentino.com v4L

      you can try to run msfupdate to update the library.

  • Abaxx

    Sir, can we send some mallicious files on a particular website..

    can we hack into .org websites ??

    plz reply sir.
    a thanx in advance :)

    • http://www.vishnuvalentino.com v4L

      you can send malicious file to website if only you can own the server.
      yes you can (.org, .com, etc) because it’s only the TLD.

  • yuvaraj

    Press <return> to continue
    [-] ***
    [-] * WARNING: Database support has been disabled
    [-] ***

    this error i got from my set what can i do for it.

  • alejandro

    no me sale nada entro por la pc victima y no abre la pagina

  • http://www.djpunjab.com parmar

    i m also using backtrack on virtual machine …
    but the ip address in not opening on window’s google chrome……
    help please……..

    • http://www.vishnuvalentino.com v4L

      I haven’t try it in chrome, maybe you can try it in other browser.
      since SET also public hacking module so it’s not impossible for the browser developer to prevent SET attack in their application

  • A.sharma

    Hello! sir my Anjeet i have use back|tack 5r2 os, hail mary -> by port options not show the armitage why sir please suggest…!

    • http://www.vishnuvalentino.com v4L

      you can try to update your backtrack metasploit using msfupdate.

  • safa

    first thanks for this great website !
    second : after the fourth step he ask me :
    are you using nat/port forwarding [yes|no]:
    (i’m using backtrack on vm i have backtrack 5 r3 )
    so what i have to do ? :(

    • http://www.vishnuvalentino.com v4L

      if you have public IP, you choose “NO”, if your network inside a router you choose “YES”.
      see the network logic here: http://www./hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/

      • safa

        what i have understood that with a router i must have public ip ( i can get it from google ) and local ip ( i can get it using command line ) . so he asking me if i have a public ip and i have it because i have a router so i must right no . then he asking to :
        ip address for the reverse connection .
        :O ???

        • safa

          I wrote the internal ip but at the end it been detected by avast anti virus as trojan even when i disabled the antivirus it does not work what did i do wrong ?

          • http://www.vishnuvalentino.com v4L

            if you have public ip and can configure your router, the reverse connection should put your public IP/your router address. and then you can redirect incoming packet into your local PC.

        • http://www.vishnuvalentino.com v4L

          to know about public or private IP address, you can use my tool here http://www./tips-and-trick/how-to-know-my-public-ip-address-in-4-steps/

          • safa

            “The best teachers are those who show you where to look, but don't tell you what to see” 

            your the best thanks :D 

          • http://www.vishnuvalentino.com v4L


            thank you

  • Max

    PLZ can you give me information about how can i get Social Engineering Tool Kit????

    • http://www.vishnuvalentino.com v4L


      You can download here https://www.trustedsec.com/downloads/social-engineer-toolkit/

      or you can download Kali Linux or Backtrack Linux the tool already included there.

      • MAx

        I want to use it in Windows vista or * can i run in any of the two os. And want to hack fb password PLZ help me out!!!

        • http://www.vishnuvalentino.com v4L


          only linux :-)

  • bilkers

    please help me guys
    how to update tools the social-engineer toolkit

  • http://denisetiawanputra.blogspot.com Deni Setiawan Putra


  • raja

    after web templates i get question like this

    are you using nat/port forwarding yes/no

    im not getting the 4 websites as shown in your tutorial..

    plz help me

    • http://www.vishnuvalentino.com v4L


      if you are inside a router of your ISP or company, you should use NAT(but you must have access to the router) and do the port forwarding.

  • raja

    how can ihack victims system in wan

    plz help me to do this

  • raja

    i have installed my bt5 r3 in vmware..by default it had its IP in diff network and i changed it to my network but its not pinging with my base machine what shuld i do for this….

    aftr restarting t bt5 it cmng to default IP

    plz help me..
    thnxx for rplying fr my previos ques..

    • http://www.vishnuvalentino.com v4L


      do not use NAT for the network connection, but use bridged connection instead

  • anony

    Hey bro, whats up?
    Man i stuck in the middle of above process. I successfully generated local ip that shows the google page OK. Then i opened it on. It opens well and other side in terminal it also some movement. But It stuck and does not create “notepad” .

    Plz help me out bro. (I wanted to add image i sniffed but your site does not has such options)

  • chimi

    I am in CMD DOS location of the victim pc C:> now i would like to copy the c: d: or e: drive data into my local pc or backtrack shared folder. how it would be, which command i would use for copy transfer data from victim pc into my pc.
    Its urgent please

    • Guest

      go back to meterpreter and type download “directory or file path”
      download c:\
      download d:\
      download e:\

  • legacy

    Please help Obi-Wan..you’re my last hope!

    I love your stuff and have learned so much from them. Im using the Kali Linux SET to clone a website and allow the victim to go to it to harvest the login details.

    I works great until the victim clicks on the link (the shortened url) that I have sent…and nothing happens…they NEVER connect to the cloned website!

    Im almost turning my back on Kali as its driving me crazy..I have port forwarded …but one of my settings must be wrong for it never to connect; surely!!???

    Help me anyone please contact


    • helper

      Double check your port forwarding. Maybe also the recieving end is not on the same port

  • Rami

    Hi ,

    Thanks for you tutorial i found it very useful. at the moment I’ve been searching for an answer to my question with no luck. i hope someone form this site can give me some insight.

    I am running Kali and been trying to use the settool kit. I do everything above in the tutorial but when the victim browse to the site i get this “GET /HTTP/1.1″ 200 – — .

    can someone help me with this problem ? I am using Version 5.4.2 of settoolkit on Kali .

    My e-mail is r.mahmoud00@gmail.com if you need more info.


  • Hitesh

    Thanks for you tutorial i found it very useful. at the moment I’ve been searching for an answer to my question with no luck. i hope someone form this site can give me some insight.

    I am running Kali and been trying to use the settool kit. I do everything above in the tutorial but when the victim browse to the site i get this “GET /HTTP/1.1″ 200 – –

    Can u help me??

  • greg

    launched Metasploit Browser Exploit Method
    payloads Windows Shell Reverse_TCP
    IP address or hostname for the reverse connection:
    open the ip address in the browser on virtualbox
    I see in the terminal

    [*] Server started. – – [30/Oct/2014 18:10:05] “GET / HTTP/1.1″ 200 –
    [*] browser_autopwn – Handling ‘/’
    [*] browser_autopwn – Handling ‘/’

    and this stop

    loading does not go beyond
    help me

  • Annyicety

    Pls help me. I will hack a twitter account!

  • pajapp

    HELP! Could noot find rake-10.4.2 in any of the sources! What should I do?

Back to top
mobile desktop