Welcome back, my hacker novitiates!
Recently, I demonstrated a hack where you could redirect traffic intended for one site, such as bankofamerica.com, to your fake website. Of course, to really make this work, you would need to make a replica of the site you were spoofing, or better yet, you could simply simply make a copy of the original site and host it on your own server!
HTTrack is just the tool for doing that.
HTTrack takes any website and makes a copy to your hard drive. This can be useful for searching for data on the website offline such as email addresses, information useful for social engineering, hidden password files (believe me, I have found a few), intellectual property, or maybe replicating a login page for a Evil Twin site to capture login credentials.
Unfortunately, HTTrack is not included in Kali, so we will need to download and install it. Fortunately, though, it is included in the Kali repository, so all we need to do is open the software repository and download and install it.
HTTrack comes in both a Windows and a Linux version. For those of you who refuse to take off the training wheels, you can download and install HTTrack for Windows on its website.
Step 1: Download & Install HTTrack
From Kali, we need to navigate to "System Tools" and then "Add/Remove Software," like in the screenshot below.
That will open a screen like the one below. Notice the window in the upper left-hand corner next to the "Find" button. Enter "httrack" there and it will find the packages you need to install HTTrack.
You can also install it by typing the following in a terminal.
- kali > apt-get install httrack
Step 2: Use HTTrack
Now that we have installed HTTrack, let's start by looking at the help file for HTTrack. When you downloaded and installed HTTrack, it placed it in the /usr/bin directory, so it should be accessible from any directory in Kali as /usr/bin is in the PATH variable. Let's type:
- kali > httrack --help
I've highlighted the key syntax line in the screenshot above. The basic syntax is the following, where -O stands for "output." This switch tells HTTrack where to send the website to.
- kali > httrack <the URL of the site> [any options] URL Filter -O <location to send copy to>
Using HTTrack is fairly simple. We need only point it at the website we want to copy and then direct the output (-O) to a directory on our hard drive where we want to store the website. One caution here, though. Some sites are HUGE. If you tried to copy Facebook to your hard drive, I can guarantee you that you do not have enough drive space, so start small.
Step 3: Test HTTrack
In an earlier tutorial on hacking MySQL databases behind websites (MySQL is the most widely used database backend behind websites), we used a website that we could hack with impunity called webscantest.com. Let's try to make a copy of that site to our hard drive.
- kali > httrack http://www.webscantest.com -O /tmp/webscantest
As you can see, we successfully made a copy of all the pages of this site on our hard drive.
Step 4: Explore the Site Copy
Now that we have captured and copied the entire site to our hard drive, let's take a look at it.
We can open the IceWeasel browser (or any browser) and view the contents of our copied site to the location on our hard drive. Since we copied the web site to /tmp/webscantest, we simply point our browser there and can view all the content of the website! If we point it to /tmp/webscantest/www.webscantest.com/login.html, we can see that we have an exact copy of the login page!
Hmmm...what could we possibly use that for???
Step 5: Copy Our Favorite Web Site
Now, let's try HTTrack on our favorite website, wonderhowto.com. Let's try to make a copy of a forum post I wrote last week about the CryptoLocker hack. First, let's open that page right here and copy the address into Kali after the HTTrack command and then the location where you want send the copy to.
- kali> httrack https://null-byte.wonderhowto.com/forum/cryptolocker-innovative-creative-hack-0151753/ -O /tmp/crytoloc
You can send the copied website to any location, but I sent mine to /tmp/crytoloc. When we do so, HTTrack will go into Null Byte, grab that webpage, and store an exact copy of it on your hard drive. Notice it also tells us that it is 208 bytes.
As you can see below, we were able to copy my Null Byte article on CryptoLocker to my Kali hard drive and open an exact copy of it with my browser.
If you are trying to find information about a particular company for social engineering or trying to spoof a website or login, HTTrack is an excellent tool for both tasks. Many of you have been asking about how to create a clone website for dnsspoof or grab credentials for an Evil Twin, now you have the tool to do so!
Just updated your iPhone to iOS 18? You'll find a ton of hot new features for some of your most-used Apple apps. Dive in and see for yourself:
47 Comments
OO AWSOME OTW could we use this as a java attack from web browser?
Using meterpreter and msfconsole?
I don't understand your question.
OTW
o nvm i awnsered my own question :D
HI OTW, i would like you a question, my metasploit is not updating properly, could i delete some files then update && upgrade it again ? or it doesn't work that way
Bernoulli:
Rapid 7, who owns Metasploit now, has changed how you upgrade Metasploit. You can no longer simply type msfupdate. You must go to their website, register and then update.
OTW
OTW, Will this also capture the php files or only the http info. There is a site I would like to make a duplicate of for marketing purposes.
I guess another way to ask is, is this basically a copy program that will crawl the whole site grabbing what is displayed and putting it on my disk.
edited, OCT to Owt. sorry brain fart
Jon:
Why don't you clone a site and come back report your results here?
OTW
lol, Ok I will, I enjoy a challenge I have ordered my new hacking system and should have it up and running by weds next week. This should give me the disk space i need.
But I am pretty sure it wont access the sql server for php, if that is the data base, as you gave no setup for creating a data base to clone to.
More than likely it will clone from the display which came from the data base thus creating the clone. Basically a http site.
That's a reasonable assumption.
O.K so we need a "data base cloning hack"!!!! LOL I know this is what we are studying for here. to learn how to hack the data bases. And not just for passwords and credit cards but for real information like cloning a successful site, and its data base, the real gold to market what you are selling.
Humm, is there a hack to redirect links to your new site from a cloned site, thus elevating your position in search engines.
hummm could you spider the links and do a edit to the forums ect that are linked to that site
Jon:
I like the way you are thinking! I expect a report back from you soon.
OTW
O.K I am gonna take this as a hint that its time for me to stop reading and do some doing. (but its scary out there in the wild).
Httrack will not do what i need to have done as I actually will have to clone the database which means I will have to gain access to his Web server account. From there I can then clone his complete site and make editing changes in creating my site.
With admin privileges I can then dl a copy of his referring hosts which should direct me to those links he has already put in place. I know backtrack has the ability of spidering web sites and placing posts automatically so i will assume that Kali can do the same. As far as editing whatever links he has created I would need the PW for those accounts. So maybe best to create my own automated posts.
Based on what I have read my first steps will be to spoof my mac and ip address. Run through a few proxy's to get to the site. I still have a problem with using my access point as my router has a mac address which can be traced back to me, since I pay for it. But I can still do the next step of fingerprinting the web server.
I will start by using httprint since were in a HTT (httrack) type post. https://null-byte.wonderhowto.com/how-to/hack-like-pro-fingerprint-web-servers-using-httprint-0151242/
Ideas??? advice??? would love it hear it. Keep in mind I don't have any intentions of actually doing the above this is a exercise in gaining skills.
ok found his php info which gives me info on his data base.
mysql
MySQL Support enabled
Active Persistent Links 0
Active Links 0
Client API version 5.5.36
MYSQLMODULETYPE external
MYSQLSOCKET /var/lib/mysql/mysql.sock
MYSQLINCLUDE -I/usr/include/mysql
MYSQLLIBS -L/usr/lib64 -lmysqlclient
Directive Local Value Master Value
mysql.allowlocalinfile On On
mysql.allowpersistent On On
mysql.connecttimeout 60 60
mysql.defaulthost no value no value
mysql.defaultpassword no value no value
mysql.defaultport no value no value
mysql.defaultsocket /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock
mysql.defaultuser no value no value
mysql.maxlinks Unlimited Unlimited
mysql.maxpersistent Unlimited Unlimited
mysql.tracemode Off Off
openssl
OpenSSL support enabled
OpenSSL Library Version OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL Header Version OpenSSL 1.0.1e-fips 11 Feb 2013
This tells me what sql version he has which will now help me find a vulnerability to apply. would this be correct or am i wasting my time going through this.
Guys I already have sooo much access to his information I am just trying to post what i think applys. OMG I never new hacking was this easy. And yes I know I am a script kiddie and wont do anything stupid but man I never knew this.
Good job, Jon!
Thanks owt, I have to go to work now. but did find a nice little vulnerability altho I cant find a hack for it.
OSVDB-44056: /sips/sipssys/users/a/admin/user: SIPS v0.2.2 allows user account info (including password) to be retrieved remotely. research led me to CVE-2003-1553.
Spent most of the day working on it. But it has occurred to me that if you pentest sites without hacking the system but find all the hacks for it I bet a site owner would be willing to pay for that information.
Hi, Just for info...
Since our community here uses metasploit.
https://community.rapid7.com/community/metasploit/blog/2014/03/28/r7-2014-05-vulnerability-in-metasploit-modules-fixed
OTW: Thanks got it updated =)
OK I read most of your posts for newbies really stayed up for 4 hours reading but 1 thing ive visited many blogs about hacking and hacking outside of wan you have to port forward i can port forward but do i have to for this exploit ms08 067 netapi or windows xp machine outside of wan? And what port would i use 443?
Qadeem:
You only need to portforward if you are sharing that router with others. Forward which ever port the payload is using to connect back to you on.It varies by payload.
OTW
OK then thnx that clears alot of troubles because i do share my router with my family so thnx OTW
OK Ive seen this multiple times on other forums and Ive found a fix for gaming in backtrack i use it as my primary boot and secondary lxde third is windows 8 these games include .exe files btw only tested games i know that work for backtrack are minecraft .jar or .exe and wizarad101 .exe so if anyone wants me to make a thread on this just comment below!
Dear master OTW,
As per your instructions, I'm restating the problem in this tut.
The error occurred again. I typed 'linux hacks' into the wonderhowto search bar, copied the address of the resulting page into the HTTrack Copier's web address bar ( After downloading, whenever I try to view a web page offline, I get this message: "...Oops... This page has not been retrieved by HTTrack Website Copier". I have attached the screen shots. There's some kind of robots.txt error in the log file (attached). What could be the problem?
My purpose is to get ALL your tuts for offline viewing so that I can read them after work hours. Moreover, as I had stated to you, my internet connectivity is intermittent.
I wish that ALL of your tuts (and others' related to hacking) could be available in pdf. Now that, for me, would be manna from heaven.
Can you help me download all of your tuts (and others' related to hacking)?
I am using Samsung Galaxy Grand.
(address I pasted in HTTrack:
https://null-byte.wonderhowto.com
/search/linux-hacks/ )
Thanks.
Sorry... the 'Upload New Image' button
isn't working so copying and pasting
the log file. (This page is not at all android-
friendly.) But what should I do about
screen shots?
HTTrack3.48-8+htsjava launched on Thu, 29 May 2014 19:48:51 at https://null-byte.wonderhowto.com/search/linux-hacks/ +.png +.gif +.jpg +.css +.js -ad.doubleclick.net/ -mime:application/foobar
(httrack -@i4 -O /storage/extSdCard/DIY -r999A25000k%Px%q0u1s2%s%u%fDaK0p3N0H0 https://null-byte.wonderhowto.com/search/linux-hacks/ +.png +.gif +.jpg +.css +.js -ad.doubleclick.net/ -mime:application/foobar -F "Mozilla/4.5 (compatible; HTTrack 3.0x; Windows 98)" -%F "<!-- Mirrored from %s%s by HTTrack Website Copier/3.x XR&CO'2013, %s -->" -%l en, )
Information, Warnings and Errors reported for this mirror:
note: the hts-log.txt file, and hts-cache folder, may contain sensitive information,
such as username/password authentication for websites mirrored in this project
do not share these files/folders if you want these information to remain private
19:50:55 Warning: Moved Temporarily for img.wonderhowto.com/robots.txt
19:50:55 Warning: File has moved from img.wonderhowto.com/robots.txt to https://www.wonderhowto.com/robots.txt
Try removing -mime:application/foobar.
Don't worry about the robots.txt warning. It's not an error, just informing you of a redirect for the robots.txt file from the img subdomain to the www subdomain. The robots.txt file is only needed by web crawlers... it has no effect on the rendering of the page.
Thanks bro, but it didn't work. ..
Omega:
Simply use the same syntax that I did in the tutorial. You don't need all those options.
Wow lotta down voting on this one.. Sorry off topic but. 10 years ago this is one of the things sites were getting cloned with.Here I have not used it in a grip but sure its still good for something.
Have tried many times but
am unable to attach screen shots
cause the Upload New Image link
isn't working.
Hope you'll be able to help me
master OTW.
THANKS
Bryan:
Thanks. But it didn't work
OTW:
Thanks master, but it didn't work.
I've decided to do it the hard way
and save for offline reading as
many of your tuts as I can.
by the way, master, have you given
thought to my suggstion that all your
tuts be downloadable (pdf, word, etc.)
You could delegaye it to worthies like Brian, Justin or
ghost-I'm sure they'll be honoured to do
it. It will be a yeoman service...
I disagree with your idea about downloadable content. Null byte is a community forum. you can learn a lot with comments and opinions about the article. If you downloaded the article, you will miss a lot.
Amazingly best :D Thanks for Share it .
Hi, bit of a silly question, but will this program also download the MySQL database associated with it? I'm hoping to clone the website to make a lot of changes but need to be able to view everything as it would be online. Thanks in advance
Damien:
No, this tool will not clone the database, only the website. To clone the database, use sqlmap. I have a database hacking series here that you might find useful.
OTW
Hi OTW
Would you recommend Social engineering toolset's Site Cloner over HTTrack?
I've tried Site cloner and it works like a charm very easily, I haven't yet gone through this tutorial but just wondering what you thought of Site cloner.
HELLO
PLS AM A BIT OF A BEGGINNER BUT I WANTED TO ASK IFITS COMPULSORY TO DOWNLOAD KALI AND ALSO WHAT PART DOES KALI PLAY BECAUSE I ALREADY INSTALLED HTTTRACK ON MY SYSTEM EASILY
Kali doesn't play a role in this tutorial, but it's a great pentesting tool and used in almost all the other tutorials.
If you just want to use HTTrack, you could even use Windows.
hi please i just followed the steps to clone a website but i dont know if truly the site have been cloned can some one help me to know how i can know it it was successful
Simply check for hard drive to see if it was successfully downloaded.
Hi master,
I have tried cloning a websites main page like ( http://example.com/login) successfully but when I tried cloning the session page or the page we see after logging in, I'd say Home Page It shows error.
The website is https secured.
Do you think its problem from my side or it is because of the site's encryption?
Thanks
Steven
HTTrack is a good tool. But it doesn't work with major login sites like google or yahoo so it's pretty useless if you want to make a phishing page.
This is because you first have to enter your email, which it checks on their server, and then brings in the password login box with some animation. If it's a phishing page, it either won't work (Yahoo) or you're redirected to the real login page (Google). I've noticed that even Microsoft is trying to make their logins like this also.
Any workaround to overcome this?
Yeah! httrack is really a great tool to clone a website. However i had found a website where i'd found clonning app cloner pro i mean which can clone any app easily. :) i found it interesting ! ;)
hi, such an interesting article...thanks
but can I use the login page that I got from cloning the website for phishing ?
if so, how ?
thanks a lot for sharing your information.
E: Could not get lock /var/lib/dpkg/lock-frontend - open (11: Resource temporarily unavailable)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), is another process using it?
HELP!!!!!!!!!!!!!!!!!!!!!!!!!!
HELP!!!!!!!!!!!!!
Probably a stupid question/questions.
Do i need to buy a domain to connect to a cloned site? If so, how would i get away with using this site ive just cloned?
Im assuming a VPN is necessary when cloning?
Share Your Thoughts