Added a script for me to use

2024-11-23 21:13:05 +00:00 · 2013-03-15 19:01:12 +00:00 · 2013-03-15 19:01:12 +00:00 · 1cef0b285c
commit 1cef0b285c
parent bf0ac67474
5 changed files with 22 additions and 11 deletions
--- a/README.txt
+++ b/README.txt
@ -8,4 +8,4 @@ DISCLAIMER: This is only for testing purposes and can only be used where strict
                                                                            
 Any modifications, changes, or alterations to this application is acceptable, however, any public releases utilizing this code must be approved by TrustedSec. Check the LICENSE file for more information.

-The Social-Engineer Toolkit is an open-source penetration testing framework designed for Social-Engineering. SET has a number of custom attack vectors that allow you to make a believable attack in a fraction of the time. SET is a product of TrustedSec, LLC - An Information Security consulting firm located in Cleveland Ohio.
+The Social-Engineer Toolkit is an open-source penetration testing framework designed for Social-Engineering. SET has a number of custom attack vectors that allow you to make a believable attack in a fraction of the time. SET is a product of TrustedSec, LLC - An Information Security consulting firm located in Cleveland, Ohio.
--- a/config/set_config
+++ b/config/set_config
@ -170,7 +170,7 @@ TERMINAL=SOLO
 ### Digital signature stealing method must have the pefile Python modules loaded
 ### from http://code.google.com/p/pefile/. Be sure to install this before turning
 ### this flag on!!! This flag gives much better AV detection
-DIGITAL_SIGNATURE_STEAL=ON
+DIGITAL_SIGNATURE_STEAL=OFF
 #
 ### These two options will turn the upx packer to on and automatically attempt
 ### to pack the executable which may evade anti-virus a little better.
@ -220,13 +220,10 @@ POWERSHELL_INJECT_PAYLOAD_X86=windows/meterpreter/reverse_tcp
 ### NOTE THAT POWERSHELL INJECTION MUST BE SET TO ON.
 POWERSHELL_MULTI_INJECTION=ON
 #
-### THIS WILL CONFIGURE WHICH PORTS TO USE FOR POWERSHELL INJECTION
-POWERSHELL_MULTI_PORTS=443,21,22,25
-#
 ### THIS WILL SPECIFY WHICH PORTS TO ITERATE THROUGH TO DO THE POWERSHELL INJECTION. NOTE IF YOU ARE USING SET
 ### PORT 80 IS USED BY THE WEB SERVER. THE REST OF PORTS SHOULD BE OPEN. CONSIDER IF YOU WANT TO USE PORT 80 TO
 ### PLACE THE LISTENER ON A DIFFERENT SERVER.
-POWERSHELL_MULTI_PORTS=21,22,23,25,53,3389,443,8080
+POWERSHELL_MULTI_PORTS=22,53,443
 #
 ### This will display the output of the powershell injection attack so you can see what is being placed on the
 ### system.
--- a/config/set_config.py
+++ b/config/set_config.py
@ -9,10 +9,10 @@
 #  SET updated using the 'Update SET Configuration' menu item in      #
 #  the main menu. This file will be updated with the new settings.    #
 #                                                                     #
-#  set_config.py generated: 2013-03-14 10:18:10.495402                #
+#  set_config.py generated: 2013-03-15 11:13:36.564372                #
 #                                                                     #
 #######################################################################
-CONFIG_DATE='2013-03-14 10:18:10.495402'
+CONFIG_DATE='2013-03-15 11:13:36.564372'
 METASPLOIT_PATH="/opt/metasploit/apps/pro/msf3"
 METASPLOIT_DATABASE="postgresql"
 ENCOUNT=4
@ -50,7 +50,7 @@ COMMAND_CENTER_INTERFACE="127.0.0.1"
 COMMAND_CENTER_PORT=44444
 SET_INTERACTIVE_SHELL=True
 TERMINAL="SOLO"
-DIGITAL_SIGNATURE_STEAL=True
+DIGITAL_SIGNATURE_STEAL=False
 UPX_ENCODE=True
 UPX_PATH="/usr/bin/upx"
 AUTO_REDIRECT=True
@ -65,8 +65,7 @@ POWERSHELL_INJECTION=True
 POWERSHELL_INJECT_PAYLOAD_X64="windows/x64/meterpreter/reverse_tcp"
 POWERSHELL_INJECT_PAYLOAD_X86="windows/meterpreter/reverse_tcp"
 POWERSHELL_MULTI_INJECTION="True"
-POWERSHELL_MULTI_PORTS="443,21,22,25"
-POWERSHELL_MULTI_PORTS="21,22,23,25,53,3389,443,8080"
+POWERSHELL_MULTI_PORTS="22,53,443"
 POWERSHELL_VERBOSE=False
 WEB_PROFILER=False
 DEPLOY_OSX_LINUX_PAYLOADS="False"
--- a/readme/CHANGES
+++ b/readme/CHANGES
@ -25,6 +25,10 @@ version 4.7
 * rewrote the java jar file to handle multiple powershell alphanumeric shellcode points injected into applet.
 * added signed and unsigned jar files to the java applet attack vector
 * removed create_payload.py from saving files in src/html and instead in the proper folders src/program_junk
+* fixed a payload duplication issue in create_payload.py, will now check to see if port is there
+* removed a pefile check unless backdoored executable is in use
+* turned digital signature stealing from a pefile to off in the set_config file
+* converted all src/html/msf.exe to src/program_junk/ and fixed an issue where the applet would not load properly

 ~~~~~~~~~~~~~~~~
 version 4.4.5
--- a/src/webattack/java_applet/unsigned.py
+++ b/src/webattack/java_applet/unsigned.py
@ -0,0 +1,11 @@
+#!/usr/bin/python
+#
+# simple jar file
+#
+import subprocess
+import os
+subprocess.Popen("rm Java_Update.jar", stderr=subprocess.PIPE, stdout=subprocess.PIPE, shell=True)
+subprocess.Popen("rm Java.class", stderr=subprocess.PIPE, stdout=subprocess.PIPE, shell=True)
+subprocess.Popen("javac Java.java", shell=True).wait()
+subprocess.Popen("jar cvf Java_Update.jar Java.class", shell=True).wait()
+print "[*] Jar file exported as Java_Update.jar"