The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly became a standard tool in a penetration testers arsenal. SET is written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be focused attacks against a person or organization used during a penetration test.

SET Menu’s

Select from the menu:
1) Spear-Phishing Attack Vectors
2) Website Attack Vectors
3) Infectious Media Generator
4) Create a Payload and Listener
5) Mass Mailer Attack
6) Arduino-Based Attack Vector
7) SMS Spoofing Attack Vector
8) Wireless Access Point Attack Vector
9) QRCode Generator Attack Vector
10) Powershell Attack Vectors
11) Third Party Modules
99) Return back to the main menu.

 

set> 1 Spear-Phishing Attack Vectors

Welcome to the SET E-Mail attack method. This module allows you to specially craft email messages and send them to a large (or small) number of people with attached fileformat malicious payloads. If you want to spoof your email address, be sure “Sendmail” is installed (it is installed in BT4) and change the config/set_config SENDMAIL=OFF flag to SENDMAIL=ON. There are two options, one is getting your feet wet and letting SET do everything for you (option 1), the second is to create your own FileFormat payload and use it in your own attack. Either way, good luck and enjoy!


1. Perform a Mass Email Attack
2. Create a FileFormat Payload
3. Create a Social-Engineering Template
4. Return to Main Menu

The spear-phishing attack menu is used for performing targeted email attacks against a victim. You can send multiple emails based on what your harvested or you can send it to individuals. You can also utilize fileformat (for example a PDF bug) and send the malicious attack to the victim in order to hopefully compromise the system.

 

set> 2 Website Attack Vectors

The Social-Engineer Toolkit “Web Attack” vector is a unique way of utilizing multiple web-based attacks in order to compromise the intended victim. Enter what type of attack you would like to utilize. The Java Applet attack will spoof a Java Certificate and deliver a Metasploit
based payload. Uses a customized java applet created by Thomas Werth to deliver the payload. The Metasploit browser exploit method will utilize select Metasploit browser exploits through an iframe and deliver a Metasploit payload. The Credential Harvester Method will utilize web cloning of a website that has a username and password field and harvest all the information posted to the website. The TabNabbing Method will wait for a user to move to a different tab, then refresh the page to something different.
The web jacking attack method was introduced by white_sheep, Emgent and the Back|Track team. This method utilizes iframe replacements to make the highlighted URL link to appear legitimate however when clicked a window pops up then is replaced with the malicious link. You can edit the link replacement settings in the set_config if its to slow/fast. The multi-attack will add a combination of attacks through the web attack menu. For example you can utilize the Java Applet, Metasploit Browser, Credential Harvester/Tabnabbing, all at once to see which is successful.


1) Java Applet Attack Method
2) Metasploit Browser Exploit Method
3) Credential Harvester Attack Method
4) Tabnabbing Attack Method
5) Web Jacking Attack Method
6) Multi-Attack Web Method
7) Full Screen Attack Method
99) Return to Main Menu

set> 3. Infectious Media Generator

The infectious USB/DVD creator will develop a Metasploit based payload for you and craft an autorun.inf file that once burned or placed on a USB will trigger an autorun feature and hopefully compromise the system. This attack vector is relatively simple in nature and relies on deploying the devices to the physical system.

4. Create a Payload and Listener

The create payload and listener is an extremely simple wrapper around Metasploit to
create a payload, export the exe for you and generate a listener. You would need to
transfer the exe onto the victim machine and execute it in order for it to properly work.


5. Mass Mailer Attack

The mass mailer attack will allow you to send multiple emails to victims and customize
the messages. This option does not allow you to create payloads, so it is generally
used to perform a mass phishing attack.
Select from the menu:
1) Spear-Phishing Attack Vectors
2) Website Attack Vectors
3) Infectious Media Generator
4) Create a Payload and Listener
5) Mass Mailer Attack
6) Arduino-Based Attack Vector
7) SMS Spoofing Attack Vector
8) Wireless Access Point Attack Vector
9) QRCode Generator Attack Vector
10) Powershell Attack Vectors
11) Third Party Modules
99) Return back to the main menu.


set> 6 Arduino-Based Attack Vector

The Arduino-Based Attack Vector utilizes the Arduin-based device to program the device. You can leverage the Teensy’s, which have onboard
storage and can allow for remote code execution on the physical system. Since the devices are registered as USB Keyboard’s it will bypass any autorun disabled or endpoint protection on the system. You will need to purchase the Teensy USB device, it’s roughly $22 dollars. This attack vector will auto generate the code needed in order to deploy the payload on the system for you. This attack vector will create the .pde files necessary to import into Arduino (the IDE used for programming the Teensy). The attack vectors range from Powershell based downloaders, wscript attacks, and other methods. For more information on specifications and good tutorials

visit: http://www.irongeek.com/i.php?page=security/programmable-hid-usbkeystroke-dongle


To purchase a Teensy,

visit: http://www.pjrc.com/store/teensy.html

Select a payload to create the pde file to import into Arduino:
1) Powershell HTTP GET MSF Payload
2) WSCRIPT HTTP GET MSF Payload
3) Powershell based Reverse Shell Payload
4) Internet Explorer/FireFox Beef Jack Payload
5) Go to malicious java site and accept applet Payload
6) Gnome wget Download Payload
7) Binary 2 Teensy Attack (Deploy MSF payloads)
8) SDCard 2 Teensy Attack (Deploy Any EXE)
9) SDCard 2 Teensy Attack (Deploy on OSX)
10) X10 Arduino Sniffer PDE and Libraries
11) X10 Arduino Jammer PDE and Libraries
12) Powershell Direct ShellCode Teensy Attack
99) Return to Main Menu


set:arduino>
The teensy USB HID attack is a method used by purchasing a hardware based device from prjc.com and programming it in a manner that makes the small USB microcontroller to look and feel exactly like a keyboard. The important part with this is it bypasses autorun capabilities and can drop payloads onto the system through the onboard flash memory. The keyboard simulation allows you to type characters in a manner that can utilize downloaders and exploit the system.
More will come soon …this is an official document from SET manual.

 

 

 

 

 

The Social-Engineer Toolkit (SET)

Post navigation


Leave a Reply

Your email address will not be published. Required fields are marked *

Pin It on Pinterest