Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: S.E.T Error - unpack requires a string argument of length 8

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Dec 2010
    Posts
    2

    Question S.E.T Error - unpack requires a string argument of length 8

    Not sure if this is a bug, I just get this error every time I run S.E.T

    Code:
      [---]       The Social-Engineer Toolkit (SET)          [---]
      [---]        Written by: David Kennedy (ReL1K)         [---]
      [---]         Development Team: Thomas Werth           [---]
      [---]                  Version: 1.4                    [---]
      [---]         Codename: 'YAY DerbyCon Edition'         [---]
      [---]     Report bugs to: davek@social-engineer.org    [---]
      [---]         Follow me on Twitter: dave_rel1k         [---]
      [---]        Homepage: http://www.secmaniac.com        [---]
      [---]     Framework: http://www.social-engineer.org    [---]
    
       Welcome to the Social-Engineer Toolkit (SET). Your one
        stop shop for all of your social-engineering needs..
         
       DerbyCon 2011 Sep30-Oct02 - http://www.derbycon.com.
          		  Tickets on sale NOW!
    
    Select from the menu:
    
    1.  Spear-Phishing Attack Vectors
    2.  Website Attack Vectors
    3.  Infectious Media Generator 
    4.  Create a Payload and Listener
    5.  Mass Mailer Attack
    6.  Teensy USB HID Attack Vector
    7.  SMS Spoofing Attack Vector
    8.  Wireless Access Point Attack Vector
    9.  Third Party Modules
    10. Update the Metasploit Framework
    11. Update the Social-Engineer Toolkit
    12. Help, Credits, and About
    13. Exit the Social-Engineer Toolkit
    
    Enter your choice: 2
    
    The Social-Engineer Toolkit "Web Attack" vector is a unique way of 
    utilizing multiple web-based attacks in order to compromise the 
    intended victim. 
    
    Enter what type of attack you would like to utilize.
    
    The Java Applet attack will spoof a Java Certificate and
    deliver a metasploit based payload. Uses a customized 
    java applet created by Thomas Werth to deliver 
    the payload.
    
    The Metasploit browser exploit method will utilize select
    Metasploit browser exploits through an iframe and deliver 
    a Metasploit payload.
    
    The Credential Harvester Method will utilize web cloning
    of a website that has a username and password field and
    harvest all the information posted to the website.
    
    The TabNabbing Method will wait for a user to move to a
    different tab, then refresh the page to something different.
    
    The Man Left in the Middle Attack Method was introduced by
    Kos and utilizes HTTP REFERER's in order to intercept fields
    and harvest data from them. You need to have an already vulnerable
    site and incorporate <script src="http://YOURIP/">. This could either
    be from a compromised site or through XSS.
    
    The web jacking attack method was introduced by white_sheep, Emgent 
    and the Back|Track team. This method utilizes iframe replacements to 
    make the highlighted URL link to appear legitimate however when clicked 
    a window pops up then is replaced with the malicious link. You can edit
    the link replacement settings in the set_config if its too slow/fast.
    
    The multi-attack will add a combination of attacks through the web attack
    menu. For example you can utilize the Java Applet, Metasploit Browser,
    Credential Harvester/Tabnabbing, and the Man Left in the Middle attack
    all at once to see which is successful.
    
    1. The Java Applet Attack Method
    2. The Metasploit Browser Exploit Method
    3. Credential Harvester Attack Method
    4. Tabnabbing Attack Method
    5. Man Left in the Middle Attack Method
    6. Web Jacking Attack Method 
    7. Multi-Attack Web Method
    8. Create or import a CodeSigning Certificate
    9. Return to the previous menu
    
    Enter your choice (press enter for default): 1
    
    
    The first method will allow SET to import a list of pre-defined
    web applications that it can utilize within the attack.
    
    The second method will completely clone a website of your choosing
    and allow you to utilize the attack vectors within the completely
    same web application you were attempting to clone.
    
    The third method allows you to import your own website, note that you
    should only have an index.html when using the import website
    functionality.
    
    [!] Website Attack Vectors [!]
    
    1. Web Templates
    2. Site Cloner 
    3. Custom Import 
    4. Return to main menu
    	
    Enter number (1-4): 1
    
    
    Select a template to utilize within the web clone attack
    
    1. Java Required 
    2. Gmail
    3. Google
    4. Facebook
    5. Twitter
    
    Enter the one to use: 3
    
    [*] UPX packer not found in the pathname specified in config. Disabling UPX packing for executable! I noticed UPX wasn't installed at /pentest/database/sqlmap/lib/contrib/upx/linux/upx so I installed it to usr/bin/upx and updated the config but it still says [!] UPX was not detected. Try configuring the set_config again.
    
    What payload do you want to generate:
    
    Name:                                      Description:
    
    1.  Windows Shell Reverse_TCP               Spawn a command shell on victim and send back to attacker.
    2.  Windows Reverse_TCP Meterpreter         Spawn a meterpreter shell on victim and send back to attacker.
    3.  Windows Reverse_TCP VNC DLL             Spawn a VNC server on victim and send back to attacker.
    4.  Windows Bind Shell                      Execute payload and create an accepting port on remote system.
    5.  Windows Bind Shell X64                  Windows x64 Command Shell, Bind TCP Inline
    6.  Windows Shell Reverse_TCP X64           Windows X64 Command Shell, Reverse TCP Inline
    7.  Windows Meterpreter Reverse_TCP X64     Connect back to the attacker (Windows x64), Meterpreter
    8.  Windows Meterpreter Egress Buster       Spawn a meterpreter shell and find a port home via multiple ports
    9.  Windows Meterpreter Reverse HTTPS       Tunnel communication over HTTP using SSL and use Meterpreter
    10. Windows Meterpreter Reverse DNS         Use a hostname instead of an IP address and spawn Meterpreter
    11. SET Custom Written Interactive Shell    This is the new custom interactive reverse shell designed for SET
    12. RATTE HTTP Tunneling Payload 	    This is a security bypass payload that will tunnel all comms over HTTP
    13. Import your own executable              Specify a path for your own executable
    
    Enter choice (hit enter for default): 2
    
    Below is a list of encodings to try and bypass AV. 
    
    Select one of the below, 'backdoored executable' is typically the best.
    
    1. avoid_utf8_tolower (Normal)
    2. shikata_ga_nai (Very Good)
    3. alpha_mixed (Normal)
    4. alpha_upper (Normal)
    5. call4_dword_xor (Normal)
    6. countdown (Normal)
    7. fnstenv_mov (Normal)
    8. jmp_call_additive (Normal)
    9. nonalpha (Normal)
    10. nonupper (Normal)
    11. unicode_mixed (Normal)
    12. unicode_upper (Normal)
    13. alpha2 (Normal)
    14. No Encoding (None)
    15. Multi-Encoder (Excellent)
    16. Backdoored Executable (BEST)
    
    Enter your choice (enter for default): 16
    [-] Enter the PORT of the listener (enter for default): 4444
    
    [-] Backdooring a legit executable to bypass Anti-Virus. Wait a few seconds...
    [-] Backdoor completed successfully. Payload is now hidden within a legit executable.[*] UPX Encoding is set to ON, attempting to pack the executable with UPX encoding.
    [!] UPX was not detected. Try configuring the set_config again.[*] Digital Signature Stealing is ON, hijacking a legit digital certificate.
    
    
    
    Something went wrong, printing the error: unpack requires a string argument of length 8
    Does anyone know how to fix it?

    Thanks

  2. #2
    Member ColForbin's Avatar
    Join Date
    Jan 2010
    Posts
    93

    Default Re: S.E.T Error - unpack requires a string argument of length 8

    I did a #grep -R UPX /pentest/exploits/set/

    In the results, there's a line in set_config that reads:
    UPX_PATH=/pentest/database/sqlmap/lib/contrib/upx/linux/upx

    tried to cd to that directory, but it is not there.

    Then I did an apt-get install sqlmap. It's installed in /pentest/web/scanners/sqlmap

    Try adjusting the that directive and see if that helps at all.
    "Whatever happened to playing a hunch, Scully? The element of surprise, random acts of unpredictability? If we fail to anticipate the unforeseen or expect the unexpected in a universe of infinite possibilities, we may find ourselves at the mercy of anyone or anything that cannot be programmed, categorized or easily referenced."

  3. #3
    Member ColForbin's Avatar
    Join Date
    Jan 2010
    Posts
    93

    Default Re: S.E.T Error - unpack requires a string argument of length 8

    Sorry for the self-reply. I tried this out myself, and still getting the, "Something went wrong, printing the error: unpack requires a string argument of length 8".

    adjusting the path to upx does seem to help the alleviate the first error, "UPX packer not found in the pathname"

    Also, just noticed your note within your initial post.

    Not sure how to fix this. I'm off to google-town.
    "Whatever happened to playing a hunch, Scully? The element of surprise, random acts of unpredictability? If we fail to anticipate the unforeseen or expect the unexpected in a universe of infinite possibilities, we may find ourselves at the mercy of anyone or anything that cannot be programmed, categorized or easily referenced."

  4. #4
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default Re: S.E.T Error - unpack requires a string argument of length 8

    So if you do "echo $PATH" then either "which upx" or "locate upx" is upx in $PATH?

    Disregard, /me didn't read closely enough.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  5. #5
    Member ColForbin's Avatar
    Join Date
    Jan 2010
    Posts
    93

    Default Re: S.E.T Error - unpack requires a string argument of length 8

    I think this has something to do with the DIGITAL_SIGNATURE_STEAL=ON directive, in set_config.

    The reason I think this, is because, the point when SET reaches this:
    [*] Digital Signature Stealing is ON, hijacking a legit digital certificate.

    This is when SET throws the "unpack requires a string argument of length 8".

    Going in, and changing the DIGITAL_SIGNATURE_STEAL to OFF, and the attack plays out.

    I did a dpkg --get-selections | grep pefile, and python-pefile is is installed.

    That's about all I can figure out, at this point. Hope that helps.
    "Whatever happened to playing a hunch, Scully? The element of surprise, random acts of unpredictability? If we fail to anticipate the unforeseen or expect the unexpected in a universe of infinite possibilities, we may find ourselves at the mercy of anyone or anything that cannot be programmed, categorized or easily referenced."

  6. #6
    Just burned his ISO
    Join Date
    Apr 2011
    Posts
    2

    Default Respuesta: S.E.T Error - unpack requires a string argument of length 8

    mm i had the same problem but only in backtrack5-64Bits Edition

    i fix the path but i had the same issue..

    Enter your choice (enter for default): 16
    [-] Enter the PORT of the listener (enter for default):

    [-] Backdooring a legit executable to bypass Anti-Virus. Wait a few seconds...
    [-] Backdoor completed successfully. Payload is now hidden within a legit executable.[*] UPX Encoding is set to ON, attempting to pack the executable with UPX encoding.[*] Packing the executable with UPX, one moment.[*] Digital Signature Stealing is ON, hijacking a legit digital certificate.


    Something went wrong, printing the error: unpack requires a string argument of length 8

  7. #7
    Just burned his ISO
    Join Date
    Apr 2011
    Posts
    2

    Default Respuesta: S.E.T Error - unpack requires a string argument of length 8

    yeah indeed works thanks

  8. #8
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    22

    Default Re: S.E.T Error - unpack requires a string argument of length 8

    in addition to digital signature stealing, you can do additional packing by using UPX. This is installed by default on Back|Track linux, if this is set to ON and it does not find it, it will still continue but disable the UPX packing.

    http://www.offensive-security.com/me...etting_Started

  9. #9
    Member ColForbin's Avatar
    Join Date
    Jan 2010
    Posts
    93

    Default Re: S.E.T Error - unpack requires a string argument of length 8

    The errors described within the initial post seem to be taken care of when two directives in set_config read as follows:

    Code:
    DIGITAL_SIGNATURE_STEAL=OFF
    
    UPX_PATH=/pentest/web/scanners/sqlmap/lib/contrib/upx/linux/upx
    Last edited by ColForbin; 05-20-2011 at 01:08 AM.
    "Whatever happened to playing a hunch, Scully? The element of surprise, random acts of unpredictability? If we fail to anticipate the unforeseen or expect the unexpected in a universe of infinite possibilities, we may find ourselves at the mercy of anyone or anything that cannot be programmed, categorized or easily referenced."

  10. #10
    Just burned his ISO
    Join Date
    May 2011
    Posts
    1

    Default

    Having the same issue. I changed UPX_PATH in /pentest/exploits/set/config/set_config

    to

    UPX_PATH=/pentest/web/scanners/sqlmap/lib/contrib/upx/linux/upx

    and I still get the following error in SET:
    [*] UPX packer not found in the pathname specified in config. Disabling UPX packing for executable!

    /pentest/web/scanners/sqlmap/lib/contrib/upx/linux/upx appears to be the correct path - so I'm stumped.

    Running BT5_GNOME-VM-32 image.

    Also - I can verify that setting DIGITAL_SIGNATURE_STEAL to OFF fixes the UPX issue... definitely something odd going on with config has both set.
    Last edited by bolexxx; 05-21-2011 at 08:30 PM.

Page 1 of 2 12 LastLast

Similar Threads

  1. Enum_chrome meterpreter argument error
    By tokimtom in forum Beginners Forum
    Replies: 0
    Last Post: 11-08-2010, 03:17 PM
  2. Aircrack-ng string length problem
    By christ044 in forum Beginners Forum
    Replies: 0
    Last Post: 07-15-2010, 06:07 PM
  3. Replies: 2
    Last Post: 06-24-2010, 05:57 PM
  4. error network requires encryption to be enabled
    By qpens8 in forum Beginners Forum
    Replies: 6
    Last Post: 02-03-2010, 01:47 PM
  5. .lzm unpack
    By dr-linux in forum OLD Newbie Area
    Replies: 12
    Last Post: 11-14-2007, 04:18 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •