trustedsec / social-engineer-toolkit

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

arduino based attack problem #323

Closed ghost closed 7 years ago

ghost commented 7 years ago

Hello there

I was trying to get the shell code from SET, but while exporting the files SET keeps giving an error. It says directory not found. However, when I go to root and view the .set folder, I see the program creates some sort of temp file.

I am copy-pasting the error; I hope there is a solution.

```
    Welcome to the Social-Engineer Toolkit (SET).
     The one stop shop for all of your SE needs.

 Join us on irc.freenode.net in channel #setoolkit

The Social-Engineer Toolkit is a product of TrustedSec.

       Visit: https://www.trustedsec.com

It's easy to update using the PenTesters Framework! (PTF)
Visit https://github.com/trustedsec/ptf to update all your tools!

Select from the menu:

   1) Social-Engineering Attacks
   2) Penetration Testing (Fast-Track)
   3) Third Party Modules
   4) Update the Social-Engineer Toolkit
   5) Update SET configuration
   6) Help, Credits, and About

  99) Exit the Social-Engineer Toolkit

set> 1

             .--.  .--. .-----.
            : .--': .--'`-. .-'
            `. `. : `;    : :
             _`, :: :__   : :
            `.__.'`.__.'  :_;   

[---] The Social-Engineer Toolkit (SET) [---]
[---] Created by: David Kennedy (ReL1K) [---]
Version: 7.4.1
Codename: 'Recharged'
[---] Follow us on Twitter: @TrustedSec [---]
[---] Follow me on Twitter: @HackingDave [---]
[---] Homepage: https://www.trustedsec.com [---]

    Welcome to the Social-Engineer Toolkit (SET).
     The one stop shop for all of your SE needs.

 Join us on irc.freenode.net in channel #setoolkit

The Social-Engineer Toolkit is a product of TrustedSec.

       Visit: https://www.trustedsec.com

It's easy to update using the PenTesters Framework! (PTF)
Visit https://github.com/trustedsec/ptf to update all your tools!

Select from the menu:

   1) Spear-Phishing Attack Vectors
   2) Website Attack Vectors
   3) Infectious Media Generator
   4) Create a Payload and Listener
   5) Mass Mailer Attack
   6) Arduino-Based Attack Vector
   7) Wireless Access Point Attack Vector
   8) QRCode Generator Attack Vector
   9) Powershell Attack Vectors
  10) SMS Spoofing Attack Vector
  11) Third Party Modules

  99) Return back to the main menu.

set> 6

The Arduino-Based Attack Vector utilizes the Arduin-based device to program the device. You can leverage the Teensy's, which have onboard storage and can allow for remote code execution on the physical system. Since the devices are registered as USB Keyboard's it will bypass any autorun disabled or endpoint protection on the system.

You will need to purchase the Teensy USB device, it's roughly $22 dollars. This attack vector will auto generate the code needed in order to deploy the payload on the system for you.

This attack vector will create the .pde files necessary to import into Arduino (the IDE used for programming the Teensy). The attack vectors range from Powershell based downloaders, wscript attacks, and other methods.

For more information on specifications and good tutorials visit:

http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle

To purchase a Teensy, visit: http://www.pjrc.com/store/teensy.html
Special thanks to: IronGeek, WinFang, and Garland

This attack vector also attacks X10 based controllers, be sure to be leveraging X10 based communication devices in order for this to work.

Select a payload to create the pde file to import into Arduino:

   1) Powershell HTTP GET MSF Payload
   2) WSCRIPT HTTP GET MSF Payload
   3) Powershell based Reverse Shell Payload
   4) Internet Explorer/FireFox Beef Jack Payload
   5) Go to malicious java site and accept applet Payload
   6) Gnome wget Download Payload
   7) Binary 2 Teensy Attack (Deploy MSF payloads)
   8) SDCard 2 Teensy Attack (Deploy Any EXE)
   9) SDCard 2 Teensy Attack (Deploy on OSX)
  10) X10 Arduino Sniffer PDE and Libraries
  11) X10 Arduino Jammer PDE and Libraries
  12) Powershell Direct ShellCode Teensy Attack
  13) Peensy Multi Attack Dip Switch + SDCard Attack

  99) Return to Main Menu

set:arduino>7
set> IP address for the payload listener (LHOST): 192.168.1.21


    BSIDES Las Vegas ----  EXE to Teensy Creator

Written by: Josh Kelley (@winfang98) and Dave Kennedy (ReL1K, @hackingdave)

This program will take shellexeccode which is converted to hexadecimal and place it onto a victim machine through hex to binary conversion via powershell.

After the conversion takes place, Alphanumeric shellcode will then be injected straight into memory and the stager created and shot back to you.

   1) Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker
   2) Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker
   3) Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker
   4) Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline
   5) Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter
   6) Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports
   7) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
   8) Windows Meterpreter Reverse DNS Use a hostname instead of an IP address and use Reverse Meterpreter
   9) Download/Run your Own Executable Downloads an executable and runs it

set:binary2teensy>2
set:arduino> Port to listen on [443]:4444
[] Generating alpha_mixed shellcode to be injected after shellexec has been deployed on victim...
[] Binary to Teensy file exported as /root/.set//reports/binary2teensy.pde

[!] Something went wrong, printing the error: [Errno 2] No such file or directory: '/root/.set//reports/binary2teensy.pde'
```

trustedsec commented 7 years ago

Thanks! I've fixed this in 7.4.2.

annabbruton commented 2 years ago

I am encountering an issue very similar to this now in 2022 on version 8.0.3. Any advice?