Results 1 to 4 of 4

Thread: SET applet attack - binary execution broken?

  1. #1
    Junior Member
    Join Date
    Feb 2006
    Posts
    25

    Default SET applet attack - binary execution broken?

    Hi all,
    Anyone else having trouble with SET's java applet attack lately?
    I've been using SET from its beginnings and one of my favorite methods is to clone a website and let the applet run my own binary. It has always worked very well but lately I can't get the binary to execute. It seems the applet runs without a problem but it doesn't execute my binary (I see it gets transferred on to the cache properly it just doesn't get executed and java.exe keeps running as a process instead of launching my binary).

    I've tried this even using calc.exe as the payload and still nothing (client machine is XP SP3 with latest java updates all installed). I even tried using some of my old site from previous SET versions that used to run beautifully and still the same problem. It seems that for some reason the applets to launch our binaries are broke and just sit there. Is this maybe related to some java update that breaks cmd.exe functionality or something?

    Can someone else try to see if they're getting the same results so that I can eliminate my XP machine as the problem? I've tried with latest firefox and IE and soon I'm going to try with Windows 7 when I have access to one to try and see if I can pinpoint the problem.

    Thanks

    To be a little more specific, I think the problem may lie in this section of Thomas Werth's applet code:

    //Java Api call to create a new process.
    //Which uses cmd.exe to execute freshly downloaded payload.
    f = Runtime.getRuntime().exec(“CMD.exe /c start ” + pfad);


    It seems this process fails for me now when it used to work beautifully not too long ago. Any ideas would be appreciated, specially from Thomas or David.

    Lol, maybe I should have posted this in the experts section instead.
    Last edited by Archangel-Amael; 10-01-2010 at 09:07 PM.

  2. #2
    Member iceman_3233's Avatar
    Join Date
    Jan 2010
    Location
    Fort Washington
    Posts
    56

    Default Re: SET applet attack - binary execution broken?

    Try
    # CREATE SELF-SIGNED JAVA APPLETS AND SPOOF PUBLISHER NOTE THIS REQUIRES YOU TO
    # INSTALL ---> JAVA 6 JDK, BT4 OR UBUNTU USERS: apt-get install openjdk-6-jdk
    # IF THIS IS NOT INSTALLED IT WILL NOT WORK. CAN ALSO DO apt-get install sun-java6-jdk
    The enemy is no longer ignorance - It is vigilance

  3. #3
    Junior Member
    Join Date
    Feb 2006
    Posts
    25

    Default Re: SET applet attack - binary execution broken?

    Quote Originally Posted by iceman_3233 View Post
    Try
    # CREATE SELF-SIGNED JAVA APPLETS AND SPOOF PUBLISHER NOTE THIS REQUIRES YOU TO
    # INSTALL ---> JAVA 6 JDK, BT4 OR UBUNTU USERS: apt-get install openjdk-6-jdk
    # IF THIS IS NOT INSTALLED IT WILL NOT WORK. CAN ALSO DO apt-get install sun-java6-jdk
    Yeah, I know about that and that's working fine. The problem isn't with the certificates, it's with the applet not executing my binary (.exe) even though it manages to download it properly to %temp%. It just doesn't execute properly.

    thanks anyway

  4. #4
    Junior Member
    Join Date
    Feb 2006
    Posts
    25

    Default Re: SET applet attack - binary execution broken?

    So no one can tell me if they're having the same issue or not so that I can exclude this from being a problem on my client machine?

    Anyone know how to contact David Kennedy besides irc or know of a better place to post this question? Does he check this forum at all?

Similar Threads

  1. WEP Shared Key Authentication attack "Broken SKA"
    By Hawkje in forum Experts Forum
    Replies: 3
    Last Post: 11-18-2010, 01:21 PM
  2. Acceso a Windows 7 por Medio de SET (Java Applet Attack)
    By šØrτĦacK in forum BT Videos - ES
    Replies: 0
    Last Post: 05-01-2010, 07:36 PM
  3. Java Applet with Meterpreter Payload
    By purehate in forum OLD Misc Tools
    Replies: 1
    Last Post: 01-22-2010, 10:27 PM
  4. Understanding ASM and binary execution?
    By rmills in forum OLD Programming
    Replies: 6
    Last Post: 08-28-2009, 03:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •