Page 1 of 7 123 ... LastLast
Results 1 to 10 of 67

Thread: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

  1. #1
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    I did a little write up on the new Java applet attack in the social engineering toolkit. I use it to clone a web site and trick a target into visiting it.

    The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

  2. #2
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Really interesting attack, pureh@te. I will take a look at it soon. Thanks for sharing!

  3. #3

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    here the attack presented by rel1k itself during Shmoocon 2010:

    download all the firetalk's videos - must see...lot of fun ;-)

    http://blip.tv/file/get/Irongeek-shm...ks20101888.mp4
    http://blip.tv/file/get/Irongeek-shm...ks20102210.mp4

    P.S: epsecially the Pentoo one ;-)
    ....hehehe I like these gentoo folks...

    /brtw2003
    Last edited by brtw2003; 02-23-2010 at 08:29 PM.

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    I know I was there.

  5. #5
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    16

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    I'm trying the website attack vectors option in SET.
    Al goes well untill i look at the email and open the link ,a
    jave applet should appear but it doesnt!

    On my bt4 machine i have sun java and openjdk installed.
    On my victim machine i've installed java too.

    Any ideas on what i'm doin wrong?

    SET's other options work great!!I love this tool!

    c

  6. #6
    Junior Member nightlybuild's Avatar
    Join Date
    Feb 2010
    Location
    InYourBucci/Chicago
    Posts
    36

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    There was a writeup on this over here if you want some more to read:

    Metasploit Unleashed - Mastering the Framework
    Ch.8 / Social-Engineering Toolkit

    It's a pretty interesting toolkit.
    If you get tired of listening to your music... cat /vmlinuz > /dev/audio
    -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
    Macbook 2.4Ghz Dual Core, 4GB Ram, Edimax EW-7318USG, BT4

  7. #7
    Just burned his ISO
    Join Date
    Feb 2010
    Location
    in your PC
    Posts
    10

    Wink Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Are theire any ways to spoof Emails.

    like From test@test.com
    to: potter@gmail.com

    And this should not go automatically in SPAM!

    In the Config File you can change Sendmail to ON but my tes Email went to Spam ;-(


    Thanks

  8. #8
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    35° 47' N/ 78° 39' W
    Posts
    6

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Nice, I wonder if the applet could be modified to mask the URL...

    ReL1k, you should see if Rapid7 is hiring...

    HackNCr@ck3r

  9. #9
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Nice one ph!

    @b_114 - The spoofing of the sender address in an email is easy. Bypassing a spam filter takes slightly more work. If you want to learn how to do this I'd recommend you read up on how various spam filtering methods work. SPF (Sender Policy Framework), for example, is one spam prevention method that works based on the sender address...
    Last edited by lupin; 02-26-2010 at 09:21 AM.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  10. #10
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes

    Quote Originally Posted by HackNCr@ck3r View Post
    ReL1k, you should see if Rapid7 is hiring...
    ReL1k probably doesn't need the job. You might wanna check his bio out.

Page 1 of 7 123 ... LastLast

Similar Threads

  1. Help Creating Dial-Up, PPPoE Connection
    By MASTERofMINDS in forum Beginners Forum
    Replies: 4
    Last Post: 04-05-2011, 06:00 AM
  2. A Question about Fake Authentication
    By jasontschk in forum Beginners Forum
    Replies: 6
    Last Post: 02-18-2010, 03:06 PM
  3. creating BT4 USB persistent video
    By jimmy in forum Beginners Forum
    Replies: 0
    Last Post: 02-12-2010, 11:45 PM
  4. Replies: 0
    Last Post: 02-11-2010, 02:06 AM
  5. probleme social engineering toolkit 0.3
    By CX4STORM in forum Beginners Forum
    Replies: 1
    Last Post: 01-25-2010, 04:59 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •