A web template defines optional pre-existing HTML code that you can use to wrap around the content of a web page component. Typically, a web template defines stylistic design elements and generic information that you can tailor to a specific target when you build the actual web page. The purpose of a web template is to provide reusable presentation logic that you can share between campaigns that are part of the same project.For example, if you intend to use a spoofed version of your company’s web page for the majority of your campaigns, you should create a web template of your company’s site. This enables you to quickly build a web page based on an existing template and customize the web page according to your needs.When you create the web template, the body must contain the {{ web_page_content }} tag, which inserts the content that you create in the actual web page component into the web page.If the web template does not contain the {{ web_page_content }} attribute, you will not be able to save the web template.
1.)
2.) Click the Manage Reusable Resources tab.
3.)
4.)
5.) In the content editor, enter the HTML that you want the web template to use. By default, Metasploit Pro defines the DOCTYPE declaration for you:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
6.) When you create the HTML, you need to make sure that the web page includes the <html> tag to indicate the start of the web page and the </html> tag to denote the end of the web page. By default, web template includes the <head> element.
7.) Additionally, you need to define the title for the web page. By default, the title is Metasploit Pro Social Engineering Web Page. To replace the title with your own title, find the <title> element and replace the text inside the <title> element. You need to replace the title with the title of your web page.
8.) When you are ready to create the body of the web page, find the <body> element. The majority of the information for the web page will be defined in the <body> element. For example, you can define the background color and web page text.
9.) When you are ready to insert the content from the web page content into the template, click the Insert Custom Attribute dropdown, and select the Web Page Content attribute. This adds the {{ web_page_content }} tag, which denotes that the content from the web page component should be placed there.
10.) When you finish creating the web template, click the Save button.
1.)
2.) Click the Manage Reusable Resources tab.
3.)
4.)
5.) Click the Clone Website button.
6.) When the Clone Website window appears, enter the URL to the web page that you want to clone in the URL to clone field.
7.) Click the Clone button. Metasploit Pro copies the HTML from the web page and imports it into the content editor. At this point, you can make any additional customizations you want to the HTML. For example, you may want to tweak the look and feel of the web page so that it is apparent to the human target that the web page is a spoofed site.
8.) When you are done with your modifications, you need to find a place in the <body> element to insert the Web Page Content attribute. This attribute adds the
{{ web_page_content }} tag, which denotes that the content from the web page component should be placed there.
To insert the Web Page Content attribute, click the Insert Custom Attribute dropdown, and select the Web Page Content attribute.
9.) Click the Save button to save the template.
1.)
4.) When the web page configuration page appears, Click the Web Page button.
6.) In the Name field, enter a name for the web page component. This name displays under the web page button on the campaign configuration page.
7.) Click the Attack Type dropdown and choose a social engineering attack method.
8.) If the web page is part of a phishing attack, you will need to choose a redirect page. Choose one of the following options to select the redirect page:
• Redirect to URL - Redirects the human target to a real web page. For example, you can redirect the human target back to the company’s website or intranet.
• Campaign Redirect Page - Uses the redirect page that you create as part of the campaign. The redirect page must already exist for you to choose this option.
9.)
10.) When the Web Page Content window appears, click the Template dropdown and choose the web template that you want to apply to the web page.
11.) Click the Save button to save the web page.
1.)
2.) Click the Manage Reusable Resources tab.
3.)
5.) Click the Delete button.
6.) Click OK to confirm that you want to remove the template from the campaign.
![]() |