Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Social Engineering Toolkit Help!!

  1. #1
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Social Engineering Toolkit Help!!

    Hey guyss..im new in social engineering toolkit ...i need some help
    Here my videolink..: YouTube - Social Engineering Toolkit Help!!

    im trying to use Java Applet Attack but error on SET..
    error say: invalid option, try -h for usage..if SET working he should open MSF console right but that i got..need helpppp.. thx..sorry for bad english..

  2. #2
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Social Engineering Toolkit Help!!

    Have you tried updating SET ?
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  3. #3
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Re: Social Engineering Toolkit Help!!

    Quote Originally Posted by sickness View Post
    Have you tried updating SET ?
    i aready update SET..but dunt know why like that..
    any idea?

  4. #4
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Social Engineering Toolkit Help!!

    Hmmm please try this with a liveCD, so we can tell if it's a SET problem or if you did something.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  5. #5
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Re: Social Engineering Toolkit Help!!

    Still same..im using livecd backtrack4 final..any idea?

  6. #6
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Social Engineering Toolkit Help!!

    Ok make sure SET and Metasploit are updated both
    Code:
     root@evilbox:/pentest/exploits/SET# svn up
    At revision 371.
    Code:
     root@evilbox:/pentest/exploits/framework3# svn up
    At revision 11078.
    And paste your set_config file.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  7. #7
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Re: Social Engineering Toolkit Help!!

    here my config_set :
    ################################################## ################################################
    # The following config file will allow you to customize settings within
    # the Social Engineer Toolkit. The lines that do not have comment code
    # ("#") are the fields you want to toy with. They are pretty easy to
    # understand.
    #
    # The Metasploit path is the default path for where Metasploit is located.
    # Metasploit is required for SET to function properly.
    #
    # The ETTERCAP function specifies if you want to use ARP Cache poisoning in
    # conjunction with the web attacks, note that ARP Cache poisoning is only
    # for internal subnets only and does not work against people on the internet.
    #
    # The SENDMAIL option allows you to spoof source IP addresses utilizing an
    # application called SendMail. Sendmail is installed by default on BackTrack 4
    # and can be used to spoof email addresses when performing the mass email
    # attacks.
    #
    # Note that ETTERCAP and SENDMAIL flags only accept ON or OFF switches.
    #
    # Note that the Metasploit_PATH cannot have a / after the folder name.
    #
    # There are additional options, read the comments for additional descriptions.
    #
    ################################################## ##############################################
    #
    # DEFINE THE PATH TO METASPLOIT HERE, FOR EXAMPLE /pentest/exploits/framework3
    METASPLOIT_PATH=/pentest/exploits/framework3
    #
    # DEFINE TO USE ETTERCAP OR NOT WHEN USING WEBSITE ATTACK ONLY SET TO ON AND OFF
    ETTERCAP=OFF
    #
    # SPECIFY WHAT INTERFACE YOU WANT ETTERCAP TO LISTEN ON, IF NOTHING WILL DEFAULT
    # EXAMPLE: ETTERCAP_INTERFACE=wlan0
    ETTERCAP_INTERFACE=eth0
    #
    # ETTERCAP HOME DIRECTORY (NEEDED FOR DNS_SPOOF)
    ETTERCAP_PATH=/usr/share/ettercap
    #
    # SENDMAIL ON OR OFF FOR SPOOFING EMAIL ADDRESSES
    SENDMAIL=OFF
    #
    # SET TO ON IF YOU WANT TO USE EMAIL IN CONJUNCTION WITH WEB ATTACK
    WEBATTACK_EMAIL=OFF
    #
    # CREATE SELF-SIGNED JAVA APPLETS AND SPOOF PUBLISHER NOTE THIS REQUIRES YOU TO
    # INSTALL ---> JAVA 6 JDK, BT4 OR UBUNTU USERS: apt-get install openjdk-6-jdk
    # IF THIS IS NOT INSTALLED IT WILL NOT WORK. CAN ALSO DO apt-get install sun-java6-jdk
    SELF_SIGNED_APPLET=OFF
    #
    # THIS FLAG WILL SET THE JAVA ID FLAG WITHIN THE JAVA APPLET TO SOMETHING DIFFERENT.
    # THIS COULD BE TO MAKE IT LOOK MORE BELIEVABLE OR FOR BETTER OBFUSCATION
    JAVA_ID_PARAM=Secure Java Applet
    #
    # JAVA APPLET REPEATER OPTION WILL CONTINUE TO PROMPT THE USER WITH THE JAVA APPLET IF
    # THE USER HITS CANCEL. THIS MEANS IT WILL BE NON STOP UNTIL RUN IS EXECUTED. THIS GIVES
    # A BETTER SUCCESS RATE FOR THE JAVA APPLET ATTACK
    JAVA_REPEATER=ON
    #
    # JAVA REPEATER TIMING WHICH IS THE DELAY IT TAKES BETWEEN THE USER HITTING CANCEL TO
    # WHEN THE NEXT JAVA APPLET RUNS. BE CAREFUL SETTING TO LOW AS IT WILL SPAWM THEM OVER
    # AND OVER EVEN IF THEY HIT RUN. 200 EQUALS 2 SECONDS.
    JAVA_TIME=200
    #
    # AUTO DETECTION OF IP ADDRESS INTERFACE UTILIZING GOOGLE, SET THIS ON IF YOU WANT
    # SET TO AUTODETECT YOUR INTERFACE
    AUTO_DETECT=ON
    #
    # SPECIFY WHAT PORT TO RUN THE HTTP SERVER OFF OF THAT SERVES THE JAVA APPLET ATTACK
    # OR METASPLOIT EXPLOIT. DEFAULT IS PORT 80.
    WEB_PORT=80
    #
    # CUSTOM EXE YOU WANT TO USE FOR METASPLOIT ENCODING, THIS USUALLY HAS BETTER AV
    # DETECTION. CURRENTLY IT IS SET TO LEGIT.BINARY WHICH IS JUST CALC.EXE. AN EXAMPLE
    # YOU COULD USE WOULD BE PUTTY.EXE SO THIS FIELD WOULD BE /pathtoexe/putty.exe
    CUSTOM_EXE=src/exe/legit.binary
    #
    # MAN LEFT IN THE MIDDLE PORT, THIS WILL BE USED FOR THE WEB SERVER BIND PORT
    MLITM_PORT=80
    #
    # USE APACHE INSTEAD OF STANDARD PYTHON WEB SERVERS, THIS WILL INCREASE SPEED OF
    # THE ATTACK VECTOR
    APACHE_SERVER=OFF
    #
    # PATH TO THE APACHE WEBROOT
    APACHE_DIRECTORY=/var/www
    #
    # TURN ON SSL CERTIFICATES FOR SET SECURE COMMUNICATIONS THROUGH WEB_ATTACK VECTOR
    WEBATTACK_SSL=OFF
    #
    # PATH TO THE PEM FILE TO UTILIZE CERTIFICATES WITH THE WEB ATTACK VECTOR (REQUIRED)
    # YOU CAN CREATE YOUR OWN UTILIZING SET, JUST TURN ON SELF_SIGNED_CERT
    # IF YOUR USING THIS FLAG, ENSURE OPENSSL IS INSTALLED!
    #
    SELF_SIGNED_CERT=OFF
    #
    # BELOW IS THE CLIENT/SERVER (PRIVATE) CERT, THIS MUST BE IN PEM FORMAT IN ORDER TO WORK
    # SIMPLY PLACE THE PATH YOU WANT FOR EXAMPLE /root/ssl_client/server.pem
    PEM_CLIENT=/root/newcert.pem
    PEM_SERVER=/root/newreq.pem
    #
    # TWEAK THE WEB JACKING TIME USED FOR THE IFRAME REPLACE, SOMETIMES IT CAN BE A LITTLE SLOW
    # AND HARDER TO CONVINCE THE VICTIM. 5000 = 5 seconds
    WEBJACKING_TIME=2000
    #
    # PORT FOR THE COMMAND CENTER
    COMMAND_CENTER_PORT=44444
    #
    # COMMAND CENTER INTERFACE TO BIND TO BY DEFAULT IT IS LOCALHOST ONLY. IF YOU WANT TO ENABLE IT
    # SO YOU CAN HIT THE COMMAND CENTER REMOTELY PUT THE INTERFACE TO 0.0.0.0 TO BIND TO ALL INTERFACES.
    COMMAND_CENTER_INTERFACE=127.0.0.1
    #
    # HOW MANY TIMES SET SHOULD ENCODE A PAYLOAD IF YOU ARE USING STANDARD METASPLOIT ENCODING OPTIONS
    ENCOUNT=4
    #
    # WHAT DO YOU WANT TO USE FOR YOUR DEFAULT TERMINAL WITHIN THE COMMAND CENTER. THE DEFAULT IS XTERM
    # THE OPTIONS YOU HAVE ARE AS FOLLOW - GNOME, KONSOLE, XTERM, SOLO. IF YOU SELECT SOLO IT WILL PLACE
    # ALL RESULTS IN THE SAME SHELL YOU USED TO OPEN THE SET-WEB INTERFACE. THIS IS USEFUL IF YOUR USING
    # SOMETHING THAT ONLY HAS ONE CONSOLE, LETS SAY A IPHONE OR IPAD.
    TERMINAL=XTERM
    #
    #
    # IF THIS OPTION IS SET, THE METASPLOIT PAYLOADS WILL AUTOMATICALLY MIGRATE TO
    # NOTEPAD ONCE THE APPLET IS EXECUTED. THIS IS BENEFICIAL IF THE VICTIM CLOSES
    # THE BROWSER HOWEVER CAN INTRODUCE BUGGY RESULTS WHEN AUTO MIGRATING.
    AUTO_MIGRATE=OFF
    #
    ################################################## #################################################

  8. #8
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Social Engineering Toolkit Help!!

    Try to install open-jdk from the repo, also check if you have them up to date

    SET At revision 371.
    Metasploit At revision 11078.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  9. #9
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Re: Social Engineering Toolkit Help!!

    here are pic SET v7.31
    http://img217.imageshack.us/f/backtrack44.jpg
    and metasploit still update..

  10. #10
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Social Engineering Toolkit Help!!

    Well I think it's because of your metasploit, wait till it finishes updating and then try.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

Page 1 of 2 12 LastLast

Similar Threads

  1. Social Engineering Toolkit
    By sparrow03 in forum Beginners Forum
    Replies: 4
    Last Post: 10-12-2010, 11:19 AM
  2. having fun with ettercap an social-engineering-toolkit
    By hardez in forum Tutorials und Howtos
    Replies: 4
    Last Post: 06-09-2010, 05:05 PM
  3. i can't fix Social Engineering Toolkit
    By spo0fer in forum Beginners Forum
    Replies: 1
    Last Post: 05-02-2010, 04:58 PM
  4. probleme social engineering toolkit 0.3
    By CX4STORM in forum Beginners Forum
    Replies: 1
    Last Post: 01-25-2010, 04:59 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •