Really interesting attack, pureh@te. I will take a look at it soon. Thanks for sharing!
The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
I did a little write up on the new Java applet attack in the social engineering toolkit. I use it to clone a web site and trick a target into visiting it.
The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
Really interesting attack, pureh@te. I will take a look at it soon. Thanks for sharing!
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
here the attack presented by rel1k itself during Shmoocon 2010:
download all the firetalk's videos - must see...lot of fun ;-)
http://blip.tv/file/get/Irongeek-shm...ks20101888.mp4
http://blip.tv/file/get/Irongeek-shm...ks20102210.mp4
P.S: epsecially the Pentoo one ;-)
....hehehe I like these gentoo folks...
/brtw2003
Last edited by brtw2003; 02-23-2010 at 08:29 PM.
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
I know I was there.
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
I'm trying the website attack vectors option in SET.
Al goes well untill i look at the email and open the link ,a
jave applet should appear but it doesnt!
On my bt4 machine i have sun java and openjdk installed.
On my victim machine i've installed java too.
Any ideas on what i'm doin wrong?
SET's other options work great!!I love this tool!
c
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
There was a writeup on this over here if you want some more to read:
Metasploit Unleashed - Mastering the Framework
Ch.8 / Social-Engineering Toolkit
It's a pretty interesting toolkit.
If you get tired of listening to your music... cat /vmlinuz > /dev/audio
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
Macbook 2.4Ghz Dual Core, 4GB Ram, Edimax EW-7318USG, BT4
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
Are theire any ways to spoof Emails.
like From test@test.com
to: potter@gmail.com
And this should not go automatically in SPAM!
In the Config File you can change Sendmail to ON but my tes Email went to Spam ;-(
Thanks
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
Nice, I wonder if the applet could be modified to mask the URL...
ReL1k, you should see if Rapid7 is hiring...
HackNCr@ck3r
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
Nice one ph!
@b_114 - The spoofing of the sender address in an email is easy. Bypassing a spam filter takes slightly more work. If you want to learn how to do this I'd recommend you read up on how various spam filtering methods work. SPF (Sender Policy Framework), for example, is one spam prevention method that works based on the sender address...
Last edited by lupin; 02-26-2010 at 09:21 AM.
Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".
The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.
Re: The Social Engineering Toolkit: Creating Fake Web Sites to Own Boxes
ReL1k probably doesn't need the job. You might wanna check his bio out.Originally Posted by HackNCr@ck3r
ReL1k, you should see if Rapid7 is hiring...
Posting Permissions
