• OTW

Web App Hacking, Part 8: Cloning a Web Site with httrack


Welcome back, my nascent hackers!

Often when attempting to hack a web site, it might be useful to make a copy and work with it off-line. While working online, often our actions will be detected by security devices such as an IDS or WAF and security engineers. By taking the web site off-line, we can take our time examining its inner-working while we look for vulnerabilities and develop exploits.

In addition, we can use a copy of the web site for social engineering attacks and such attacks as DNS attacks, where we re-direct local users to our web site rather than the original. If we have an identical web site, the users are unlikely to notice that they are on a malicious website!

There is a tool specially designed for making clones of web sites both for research and social engineering purposes. It's built into Kali and called httrack. In this tutorial we will learn to use this tool to make an identical copy of a web site and so we can host it on our web server.

Step #1 Fire Up Kali and open httrack

Of course, the first step is to fire up Kali and open httrack. You can find it by going to Applications -> Web Application Analysis -> httrack, as shown below.

When you do so, it will open a terminal like below with a help screen.

Although httrack has numerous options, it is most simple form, the syntax for this tool is;

kali > httrack <target URL>

In this case, we will use httrack to copy our www.webscantest.com test web site.

kali > httrack www.webscantest.com

When httrack is finished, it will thank you for using httrack and return you to the Kali prompt like below.

Step #2: Locating the Clone Web Site and Viewing it With a Browser

Now, when we do a long listing on our working directory (in my case /root), we can see that httrack created a directory with the name of the site, www.webscantest.com.

kali > ls -l

Let's navigate to that directory and do a long listing. As you can see below, it cloned all the pages and directories of the site with the exception of the database ( we can get the contents database with sqlmap).

kali > cd www.webscantest.com

kali > ls -l

Now, we can open the website by pointing our browser at the index file and it opens a perfect clone of the website!

Now that we have a cloned copy of the website, we can begin to use tools such as Wikto or OWASP-ZAP to find vulnerabilities that we can exploit against the live site without triggering any alerts on the security devices or the security engineers! In addition, we might use this cloned site for social engineering and DNS attacks!


2,952 views