Wednesday, September 1, 2010

Social-Engineer Toolkit (SET) Updates on 0.6.1

Worked a bit on SET last night to allow a few new updates. For one, there were certain scenarios where you would utilize NAT/port forwarding instead of having a fully dedicated machine on the outside. This would cause issues because the Java Applet needed to bind to your local interface. This has now changed and a new flag has been added. When you turn off auto-detection (AUTO_DETECT=OFF), you will be prompted and asked if you're in a NAT/port forward scenario, and you can then specify an external IP address, which eliminates those issues.

In addition, most organizations don't allow the client browser to download an executable from the internet, for obvious reasons. The Java Applet attack vector now downloads a raw file with no extension, randomized each time. Once downloaded, it writes the file out as an executable, essentially bypassing potential restriction mechanisms for executables.
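For defenders, the consequence of the change above is that a download filter keyed on file extension never sees this payload, while a check on the file's content still does. The following is an added example, not code from the original post or from SET; it assumes the raw file's bytes are an unmodified Windows PE, and the function names, extension list and sample data are constructed for illustration.

```python
import struct

# Extensions a name-based filter would typically block (assumed list).
EXEC_EXTENSIONS = (".exe", ".dll", ".scr", ".com")


def blocked_by_extension(url_path: str) -> bool:
    """Name-based check: only looks at how the requested path ends."""
    return url_path.lower().endswith(EXEC_EXTENSIONS)


def looks_like_pe(body: bytes) -> bool:
    """Content-based check: validate the DOS header and the PE signature."""
    if len(body) < 0x40 or body[:2] != b"MZ":
        return False
    # e_lfanew at offset 0x3C holds the file offset of the "PE\0\0" signature.
    (e_lfanew,) = struct.unpack_from("<I", body, 0x3C)
    return body[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def classify_download(url_path: str, body: bytes) -> str:
    """Combine both checks and report which one caught the download."""
    by_name = blocked_by_extension(url_path)
    by_content = looks_like_pe(body)
    if by_content and not by_name:
        return "block: PE content served under a non-executable name"
    if by_content or by_name:
        return "block: executable"
    return "allow"


def constructed_pe_header() -> bytes:
    """Constructed sample: minimal DOS header pointing at a PE signature."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    return bytes(dos) + b"PE\x00\x00" + b"\x00" * 20


if __name__ == "__main__":
    samples = [  # constructed proxy observations: (requested path, body)
        ("/tools/setup.exe", constructed_pe_header()),
        ("/kq3Zx9Lm", constructed_pe_header()),
        ("/notes", b"MZ" + b"A" * 100),  # starts with MZ but is not a PE
        ("/index.html", b"<html></html>"),
    ]
    for path, body in samples:
        print(f"{path:20} {classify_download(path, body)}")
```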

A couple of minor bug fixes went in as well. Through this process I broke the Java Applet attack vector last night, but all of that's working now. It was primarily due to me changing the NAT/port forward handling, which required a bit of an overhaul of the applet attack internals.

