When a user gets the java applet warning, they will see the ‘Secure Java Applet’ as the name of the Applet instead of the IP address. # A BETTER SUCCESS RATE FOR THE JAVA APPLET ATTACK THIS MEANS IT WILL BE NON STOP UNTIL RUN IS EXECUTED. # JAVA APPLET REPEATER OPTION WILL CONTINUE TO PROMPT THE USER WITH THE JAVA AP$ # THIS COULD BE TO MAKE IT LOOK MORE BELIEVABLE OR FOR BETTER OBFUSCATION # THIS FLAG WILL SET THE JAVA ID FLAG WITHIN THE JAVA APPLET TO SOMETHING DIFFE$ This will require you to install java’s jdk (in Ubuntu its apt-get install sun-java6-jdk or openjdk-6-jdk). Say your targeting CompanyX, the standard Java Applet is signed by Microsoft, you can sign the applet with CompanyX to make it look more believable. To make the attack look more believable, you can turn this flag on which will allow you to sign the Java Applet with whatever name you want. The Java Applet Attack vector is the attack with one of the highest rates of success that SET has in its arsenal. CAN ALSO DO apt-get install sun-java6-jdk # IF THIS IS NOT INSTALLED IT WILL NOT WORK.
# INSTALL -> JAVA 6 JDK, BT4 OR UBUNTU USERS: apt-get install openjdk-6-jdk # CREATE SELF-SIGNED JAVA APPLETS AND SPOOF PUBLISHER NOTE THIS REQUIRES YOU TO Traditionally the emailing aspect is only available through the spear-phishing menu however when this is enabled it will add additional functionality for you to be able to email victims with links to help better your attacks. When setting the WEBATTACK_EMAIL to ON, it will allow you to send mass emails to the victim while utilizing the Web Attack vector. # SET TO ON IF YOU WANT TO USE EMAIL IN CONJUNCTION WITH WEB ATTACK If your using BackTrack 4, it is installed by default. This attack only works if the victim’s SMTP server does not perform reverse lookups on the hostname. Setting the SENDMAIL flag to ON will try starting SENDMAIL, which can spoof source email addresses. # SENDMAIL ON OR OFF FOR SPOOFING EMAIL ADDRESSES When this flag is set to ON, it will poison the entire local subnet and redirect a specific site or all sites to your malicious server running. The Ettercap section can be used when you’re on the same subnet as the victims and you want to perform DNS poison attacks against a subset of IP addresses. # ETTERCAP HOME DIRECTORY (NEEDED FOR DNS_SPOOF) # SPECIFY WHAT INTERFACE YOU WANT ETTERCAP TO LISTEN ON, IF NOTHING WILL DEFAULT Metasploit is used for the payload creations, file format bugs, and for the browser exploit sections. In the first option, you can change the path of where the location of Metasploit is. Looking through the configuration options, you can change specific fields to get a desired result.
METASPLOIT_PATH=/pentest/exploits/framework3 # DEFINE THE PATH TO METASPLOIT HERE, FOR EXAMPLE /pentest/exploits/framework3 :/pentest/exploits/set# nano config/set_config Once you’ve updated to the latest version, start tweaking your attack by editing the SET configuration file. U src/payloads/set_payloads/persistence.py U src/payloads/set_payloads/set_http_server.py U src/payloads/set_payloads/shell.windows U src/payloads/set_payloads/http_shell.py First thing to do is ensure that you have updated SET, from the directory: SET by default works perfect for most people however, advanced customization may be needed in order to ensure that the attack vectors go off without a hitch. The brain behind SET is the configuration file.
*UPDATED April 1 2014* Beginning with the Social Engineer Toolkit The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. SET was designed to be released with the launch and has quickly became a standard tool in a penetration testers arsenal. The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element.