Hack Like a Pro: How to Clone Any Website Using HTTrack

HI OTW, i would like you a question, my metasploit is not updating properly, could i delete some files then update && upgrade it again ? or it doesn't work that way

Bernoulli:

Rapid 7, who owns Metasploit now, has changed how you upgrade Metasploit. You can no longer simply type msfupdate. You must go to their website, register and then update.

OTW

OTW, Will this also capture the php files or only the http info. There is a site I would like to make a duplicate of for marketing purposes.

I guess another way to ask is, is this basically a copy program that will crawl the whole site grabbing what is displayed and putting it on my disk.

edited, OCT to Owt. sorry brain fart

Jon:

Why don't you clone a site and come back report your results here?

OTW

lol, Ok I will, I enjoy a challenge I have ordered my new hacking system and should have it up and running by weds next week. This should give me the disk space i need.

But I am pretty sure it wont access the sql server for php, if that is the data base, as you gave no setup for creating a data base to clone to.

More than likely it will clone from the display which came from the data base thus creating the clone. Basically a http site.

That's a reasonable assumption.

O.K so we need a "data base cloning hack"!!!! LOL I know this is what we are studying for here. to learn how to hack the data bases. And not just for passwords and credit cards but for real information like cloning a successful site, and its data base, the real gold to market what you are selling.

Humm, is there a hack to redirect links to your new site from a cloned site, thus elevating your position in search engines.

hummm could you spider the links and do a edit to the forums ect that are linked to that site

Jon:

I like the way you are thinking! I expect a report back from you soon.

OTW

OK Ive seen this multiple times on other forums and Ive found a fix for gaming in backtrack i use it as my primary boot and secondary lxde third is windows 8 these games include .exe files btw only tested games i know that work for backtrack are minecraft .jar or .exe and wizarad101 .exe so if anyone wants me to make a thread on this just comment below!

Dear master OTW,

As per your instructions, I'm restating the problem in this tut.

The error occurred again. I typed 'linux hacks' into the wonderhowto search bar, copied the address of the resulting page into the HTTrack Copier's web address bar ( After downloading, whenever I try to view a web page offline, I get this message: "...Oops... This page has not been retrieved by HTTrack Website Copier". I have attached the screen shots. There's some kind of robots.txt error in the log file (attached). What could be the problem?

My purpose is to get ALL your tuts for offline viewing so that I can read them after work hours. Moreover, as I had stated to you, my internet connectivity is intermittent.

I wish that ALL of your tuts (and others' related to hacking) could be available in pdf. Now that, for me, would be manna from heaven.

Can you help me download all of your tuts (and others' related to hacking)?

I am using Samsung Galaxy Grand.

(address I pasted in HTTrack:
https://null-byte.wonderhowto.com

/search/linux-hacks/ )

Thanks.

Sorry... the 'Upload New Image' button
isn't working so copying and pasting
the log file. (This page is not at all android-
friendly.) But what should I do about
screen shots?

HTTrack3.48-8+htsjava launched on Thu, 29 May 2014 19:48:51 at https://null-byte.wonderhowto.com/search/linux-hacks/ +.png +.gif +.jpg +.css +.js -ad.doubleclick.net/ -mime:application/foobar

(httrack -@i4 -O /storage/extSdCard/DIY -r999A25000k%Px%q0u1s2%s%u%fDaK0p3N0H0 https://null-byte.wonderhowto.com/search/linux-hacks/ +.png +.gif +.jpg +.css +.js -ad.doubleclick.net/ -mime:application/foobar -F "Mozilla/4.5 (compatible; HTTrack 3.0x; Windows 98)" -%F "<!-- Mirrored from %s%s by HTTrack Website Copier/3.x XR&CO'2013, %s -->" -%l en, )

Information, Warnings and Errors reported for this mirror:
note: the hts-log.txt file, and hts-cache folder, may contain sensitive information,
such as username/password authentication for websites mirrored in this project
do not share these files/folders if you want these information to remain private

19:50:55 Warning: Moved Temporarily for img.wonderhowto.com/robots.txt
19:50:55 Warning: File has moved from img.wonderhowto.com/robots.txt to https://www.wonderhowto.com/robots.txt

Try removing -mime:application/foobar.

Don't worry about the robots.txt warning. It's not an error, just informing you of a redirect for the robots.txt file from the img subdomain to the www subdomain. The robots.txt file is only needed by web crawlers... it has no effect on the rendering of the page.

Thanks bro, but it didn't work. ..

Omega:

Simply use the same syntax that I did in the tutorial. You don't need all those options.

Wow lotta down voting on this one.. Sorry off topic but. 10 years ago this is one of the things sites were getting cloned with.Here I have not used it in a grip but sure its still good for something.

Have tried many times but
am unable to attach screen shots
cause the Upload New Image link
isn't working.

Hope you'll be able to help me
master OTW.

THANKS

Bryan:
Thanks. But it didn't work

OTW:
Thanks master, but it didn't work.
I've decided to do it the hard way
and save for offline reading as
many of your tuts as I can.
by the way, master, have you given
thought to my suggstion that all your
tuts be downloadable (pdf, word, etc.)
You could delegaye it to worthies like Brian, Justin or
ghost-I'm sure they'll be honoured to do
it. It will be a yeoman service...

I disagree with your idea about downloadable content. Null byte is a community forum. you can learn a lot with comments and opinions about the article. If you downloaded the article, you will miss a lot.

Amazingly best :D Thanks for Share it .

Hi, bit of a silly question, but will this program also download the MySQL database associated with it? I'm hoping to clone the website to make a lot of changes but need to be able to view everything as it would be online. Thanks in advance

Damien:

No, this tool will not clone the database, only the website. To clone the database, use sqlmap. I have a database hacking series here that you might find useful.

OTW

Hi OTW

Would you recommend Social engineering toolset's Site Cloner over HTTrack?

I've tried Site cloner and it works like a charm very easily, I haven't yet gone through this tutorial but just wondering what you thought of Site cloner.

Kali doesn't play a role in this tutorial, but it's a great pentesting tool and used in almost all the other tutorials.

If you just want to use HTTrack, you could even use Windows.

hi please i just followed the steps to clone a website but i dont know if truly the site have been cloned can some one help me to know how i can know it it was successful

Simply check for hard drive to see if it was successfully downloaded.

Hi master,

I have tried cloning a websites main page like ( http://example.com/login) successfully but when I tried cloning the session page or the page we see after logging in, I'd say Home Page It shows error.

The website is https secured.
Do you think its problem from my side or it is because of the site's encryption?
Thanks
Steven

HTTrack is a good tool. But it doesn't work with major login sites like google or yahoo so it's pretty useless if you want to make a phishing page.

This is because you first have to enter your email, which it checks on their server, and then brings in the password login box with some animation. If it's a phishing page, it either won't work (Yahoo) or you're redirected to the real login page (Google). I've noticed that even Microsoft is trying to make their logins like this also.

Any workaround to overcome this?

Yeah! httrack is really a great tool to clone a website. However i had found a website where i'd found clonning app cloner pro i mean which can clone any app easily. :) i found it interesting ! ;)

hi, such an interesting article...thanks
but can I use the login page that I got from cloning the website for phishing ?
if so, how ?
thanks a lot for sharing your information.

E: Could not get lock /var/lib/dpkg/lock-frontend - open (11: Resource temporarily unavailable)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), is another process using it?
HELP!!!!!!!!!!!!!!!!!!!!!!!!!!
HELP!!!!!!!!!!!!!

Probably a stupid question/questions.

Do i need to buy a domain to connect to a cloned site? If so, how would i get away with using this site ive just cloned?

Im assuming a VPN is necessary when cloning?