Social Engineering Toolkit (SET) is an advanced, multifunctional, and easy-to-use computer-assisted social engineering toolset, created by the founders of TrustedSec (https://www.trustedsec.com/). It helps you prepare the most effective way to exploit client-side application vulnerabilities and makes a fascinating attempt to capture the target’s confidential information (for example, e-mail passwords). Some of the most efficient and useful attack methods employed by SET include targeted phishing e-mails with a malicious file attachment, Java applet attacks, browser-based exploitation, gathering website credentials, creating infectious portable media (USB/ DVD/CD), mass-mailer attacks, and other similar multiattack web vectors. This combination of attack methods provides you with a powerful platform to utilize and select the most persuasive technique that could perform an advanced attack against the human element.
To start SET, navigate to Applications | Kali Linux | Exploitation Tools | Social Engineering Toolkit | setoolkit.
You could also use the terminal to load SET: root@kali:~# setoolkit
In our test exercise, we will demonstrate an e-mail phishing attack with a malicious PDF attachment, which would compromise the target machine when executed.
Targeted phishing attack
During this attack method, we will first create an e-mail template to be used with a malicious PDF attachment, select the appropriate PDF exploit payload, choose a connectivity method for the compromised target, and send an e-mail to the target via a Gmail account. Note that you can also spoof the original sender e-mail and IP address by using the sendmail program available under Kali; you can enable its configuration from the /usr/share/set/config/set_config file. For more information, visit the Social Engineer Toolkit (SET) section at http://www.socialengineer.org/framework/Social_Engineering_Framework.
The steps to perform a targeted phishing attack are as follows
1. Select 1 from the initial SET menu to see the following screenshot:
2. From the options seen in the preceding screenshot, we will select 1 to access the Spear-Phishing Attack Vectors section of SET, which will display the information shown in the following screenshot:
3. We must then select option 3 from the preceding screenshot to start the social engineering template, as shown in the following screenshot:
4. As seen in the previous output, there might be some formatting issues. The template generator will only use what you have typed as part of the template. After completing the e-mail template, press Ctrl + C to return to the previous menu. At this point, we will move on to performing an e-mail attack. Select 1 from the Perform a Mass Email Attack menu. Then, choose 6 to select the Adobe CoolType SING Table “uniquename” overflow option, as shown in the following screenshot:
5. Enter the payload you want, which in this case is 6 for a Windows reverse TCP shell. Then, you need to enter the IP address for the listener as well as the port number that will be used to connect to it. For this fictional representation, we will use 192.168.1.1 as the IP address and 5555 as the port, as shown in the following screenshot:
6. We will rename the file so that we can take advantage of an opportunity to be cool and then choose the totally uncool filename BizRep2010.pdf as the new name for our payload. After this, we will need to let SET know what we plan on doing with this payload. Choose 1 to target a single e-mail address and then 1 again to move forward using the template that you created earlier. Your current screen should look similar to the following screenshot:
7. At this point, we select our previously created e-mail template (11). The same template can be used over multiple social engineering attacks. The quality of the templates that you create will greatly influence the effectiveness of your phishing campaign. At this point, you would use a valid e-mail relay or a Gmail account to send the targeted attack to the end user.
NOTE : Use this attack only if it is part of your rules of engagement and your client understands what you will be doing. This tool allows you to send out live infected files to the e-mail recipients and laws regarding this could vary depending on where you reside and where you are launching the tests. Once you place the e-mail information in the tool, it will immediately attempt a connection and send the file. There is no warning button.
8. Once the attack has been set up, we should wait for a victim to launch our malicious PDF file. As soon as the victim executes our PDF attachment, we will be thrown back with a reverse shell access to their computer. Note that the IP address 192.168.1.1 is an attacker machine (that is, Steven) that listens on port 5555 for a reverse shell connection from the victim’s computer.
So, we have successfully socially engineered our target to acquire remote access to the victim’s computer. Let’s get an interactive shell prompt and execute the Windows commands. We can utilize SET to launch an e-mail phishing attack against a single person or multiple people at the same time. It provides us with an effective customization and integration of e-mail to draw a secure path for the social engineer. This scenario is typically useful if you want to target multiple corporate employees while maintaining the covertness of your actions. SET is continually updated by its creators, and as such is subject to undergo drastic changes at any moment. We have only scratched the surface of this tool’s capability. It is highly recommended that you continue to learn about this formidable social engineering toolset by visiting https://www.trustedsec.com/downloads/socialengineer-toolkit/; start by watching the videos that are presented on that site.
NOTE: This is for educational purpose only we are not responsible for any type of inconvenience caused by reader.
Like us on facebook