Social Engineering Toolkit

[sparrow03]

I am experimenting the Social Engineering Toolkit and followed a demo by Security Tube using A Hacker's Guide to Social Engineering Toolkit Part One and noticed there are some missing options under config.file under nano config/set_config.
such as spoofing email address=off, auto detect interface=off, etc,

How do I update it or add additional options into config file?

Thanks

[Archangel-Amael]

svn up in the SET directory will update set.

[sparrow03]

Thanks for your reply, yes it added all the additional options in config file ok.

I hope it is ok if I ask another question about Credential Harvester using Social Engineer Toolkit, I fired up ./set and entered all the questions according to A Hacker's guide to Social Engineer Toolkit on Security Tube. When I clicked http://10.0.2.15 in my gmail account, another webpage came up, took a while loading then shows connections has timed out on another webpage.

Not sure if it is to do with latest patch on browser or forward port on router or incorrect settings in SET?

My apologise if it is in wrong thread?

Thanks

[Archangel-Amael]

You should look at the tutorials on SecManiac.com - The home of David Kennedy (ReL1K) < that's the author's (Rel1ks') page and he produces the official videos and tutorials for set.

[relik]

Sparrow03, you need to edit the config/set_config file and turn AUTO_DETECT=ON to AUTO_DETECT=OFF and set it up accordingly, what's happening is the website is looking to load on 10.0.2.15 when that should be your IP address of your external IP/port forwarding address. When you turn that off you'll notice you get prompted for additional questions.

Hope that helps.

-Dave