Friday, December 1, 2023

The Social Engineering Toolkit (SET)

SET was created and written by David Kennedy (ReL1K), and it is maintained by an active group of collaborators (www.social-engineer.org). It is an open source Python-driven framework that is specifically designed to facilitate social engineering attacks.


The tool was designed with the objective of achieving security by training. A significant advantage of SET is its interconnectivity with the Metasploit framework, which provides the payloads needed for exploitation, the encryption to bypass antivirus, and the listener module, which connects to the compromised system when it sends a shell back to the attacker.


To open SET in a Kali distribution, go to Applications | Social Engineering Tools | setoolkit, or enter setoolkit at a shell prompt. You will be presented with the main menu, as shown in the following screenshot:



If you select 1) Social-Engineering Attacks, you will be presented with the following submenu:



Brief Explanation of Social Engineering Attacks

The following is a brief explanation of the social engineering attacks:

Spear-Phishing Attack Vector

Allows an attacker to create email messages and send them to targeted victims with attached exploits.

Website Attack Vectors

Utilize multiple web-based attacks, including the following:

  • Java applet attack method: Spoofs a Java certificate and delivers a Metasploit-based payload. Highly successful against Windows, Linux, and macOS targets.

  • Metasploit browser exploit method: Delivers a Metasploit payload using an iFrame attack.

  • Credential harvester attack method: Clones a website, automatically rewrites POST parameters to intercept and harvest user credentials, then redirects victims back to the original site after harvesting is completed.

  • Tabnabbing attack method: Replaces information on an inactive browser tab with a cloned page that links back to the attacker. When the victim logs in, the credentials are sent to the attacker.

  • Web jacking attack method: Utilizes iFrame replacements to make the highlighted URL link appear legitimate; however, when clicked, a window pops up and is then replaced with a malicious link.

  • Multi-attack web method: Allows an attacker to select multiple attacks to be launched at once, including various methods like Tabnabbing, Java applet attack, Metasploit browser exploit, Credential harvester, Man-in-the-middle, Full-screen attack, HTA attack, Infectious media generator, Payload and listener creation, MassMailer attack, and Arduino-based attack vector.

  • Full-screen attack method: A simple attack method utilized by attackers to launch an attack behind the scenes when the system is in full-screen mode.

  • HTA attack method: Presents a fake website that automatically downloads an HTML Application (.HTA) file to the victim.

  • Infectious media generator: Creates an autorun.inf file and Metasploit payload. Once inserted into the target system via USB or physical media, it can compromise the system if autorun is enabled.

  • Create a payload and listener: A rapid menu-driven method of creating a Metasploit payload and its matching listener. The attacker must use a separate social engineering attack to convince the target to launch it.

  • MassMailer attack: Allows the attacker to send multiple customized emails to a single email address or a list of recipients.

  • Arduino-based attack vector: Programs Arduino-based devices like Teensy to act as USB keyboards, bypassing security measures.

  • Wireless access point attack vector: Creates a fake wireless access point and DHCP server on the attacker's system, redirecting DNS queries to the attacker for launching various attacks like Java applet or credential harvester attacks.

  • QRcode generator attack vector: Generates a QR code associated with a defined URL for carrying out an attack.

  • PowerShell attack vectors: Enables attacks that leverage PowerShell, a command-line shell and scripting language available on Windows Vista and higher versions.

  • SMS spoofing attack vector: Sends crafted SMS messages to mobile devices with a spoofed message source. Note: this module has recently been blocked by SET.

  • Third-party modules: Allows the use of Remote Administration Tool Tommy Edition (RATTE) as part of an attack or as an isolated payload. RATTE is a text menu-driven remote access tool.
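The credential harvester described above serves a copy of a real login page from the attacker's host, with the form rewritten to post there. A defender reviewing a suspicious page can use the tell-tale that a clone keeps the original site's absolute links and resources. The following is an added example written for this post (not SET code); the page URL, the sample HTML and the host 203.0.113.10 are constructed.

```python
"""Heuristic check for a cloned login page (the credential harvester's output):
a page served from one origin that carries a password form while most of its
absolute links and resources still point at the site it was copied from."""
from collections import Counter
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tag/attribute pairs whose absolute URLs reveal which site the markup came from.
REF_ATTRS = {"a": "href", "link": "href", "img": "src", "script": "src"}

class CloneFeatures(HTMLParser):
    def __init__(self):
        super().__init__()
        self.has_password = False
        self.hosts = Counter()  # hosts referenced by absolute links/resources

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input" and (a.get("type") or "").lower() == "password":
            self.has_password = True
        attr = REF_ATTRS.get(tag)
        host = urlparse(a.get(attr) or "").netloc.lower() if attr else ""
        if host:
            self.hosts[host] += 1

def likely_clone_of(page_url, html):
    """Return the host the page appears to impersonate, or None. Flags only
    when a password form is present and the majority of absolute references
    point at a host other than the one serving the page."""
    feat = CloneFeatures()
    feat.feed(html)
    if not feat.has_password or not feat.hosts:
        return None
    serving = urlparse(page_url).netloc.lower()
    host, count = feat.hosts.most_common(1)[0]
    if host != serving and count * 2 > sum(feat.hosts.values()):
        return host
    return None

# Constructed sample: login.example.com's sign-in page re-served from an
# unrelated address (203.0.113.10 is a documentation-range IP), form rewritten
# to post to the serving host, as the harvester does.
CLONED = """<html><head>
<link rel="stylesheet" href="https://login.example.com/css/site.css"></head>
<body><img src="https://login.example.com/logo.png">
<a href="https://login.example.com/help">Help</a>
<form method="post" action="/index.html">
<input name="user"><input type="password" name="pass"></form></body></html>"""
if __name__ == "__main__":
    print(likely_clone_of("http://203.0.113.10/", CLONED))  # login.example.com
```

The same page fetched from its genuine origin returns None, as does any page without a password field, so the check can run over proxy-logged HTML without flagging legitimate logins.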


SEToolkit also provides a menu item for fast-track penetration testing, which gives rapid access to some specialized tools that support brute-force identification and password cracking of SQL databases, as well as some customized exploits that are based on Python, SCCM attack vectors, Dell computer DRAC/chassis exploitation, user enumeration, and PsExec PowerShell injection.


The menu also gives options for updating the Metasploit framework, SET, and the SET configuration. However, these additional options should be avoided as they are not fully supported by Kali, and may cause conflicts with dependencies.


As an initial example of SET's strengths, we'll see how it can be used to gain a remote shell: a connection made from the compromised system back to the attacker's system.


© 2023 Domebytes. All rights reserved.
