Wednesday, December 7, 2011

The Social-Engineer Toolkit (SET) v.2.5 Released

The Social-Engineer Toolkit (SET) v2.5 Codename: “Rippin and Tearin” has been released! This version is primarily enhancements of existing attack vectors and a rehaul of some portions of the codebase. Most noticeably, the site cloner has been modified to target the body tags first for the applet injection versus the header html tags. This allows the website to render properly first, then trigger the applet. In addition, fixes around the Java Repeater have been fixed.  

Changelog:

* rehaul of site cloner, it now injects into body properly and leverages unc, redirection, and others properly
* redid a few options on repeater.database, unc.database to make more streamline
 * fixed bugs with java repeater
* added more granularity around how repeater operates and functions when on different webpages
* added ability to inject into tags first and if not found then it injects into tags
* added ability to render even when flag is being used versus
* added more stability to the Java Applet.jar and backup routine for redirect to websites
* bug fix in website cloner
* rewrote portions of java applet to gain more stability around java repeater as a fallback
* added better handling around unc database and fixed a bug when in the wrong loop within cloner.py
* established a baseline fallback for java applet

Download: http://www.secmaniac.com

No comments: