Final changes for SET v6.3 release

root 2015-04-09 22:18:35 -04:00
parent 49a7cbc5d4
commit b28ed73189
3 changed files with 5 additions and 16 deletions

@ -42,16 +42,6 @@ ENCOUNT=4
### NOTE: This will make bypassuac not work properly. Migrate to a different process to get it to work.
AUTO_MIGRATE=OFF
#
### Custom exe you want to use for MetaSploit encoding, this usually has better av
### detection. Currently it is set to legit.binary which is just calc.exe. An example
### you could use would be putty.exe so this field would be /pathtoexe/putty.exe
CUSTOM_EXE=legit.binary
#
### This is for the backdoored executable if you want to keep the executable to still work. Normally
### when legit.binary is used, it will render the application useless. Specifying this will keep the
### application working
BACKDOOR_EXECUTION=ON
#
### Here we can run multiple meterpreter scripts once a session is active. This
### may be important if we are sleeping and need to run persistence, try to elevate
### permissions and other tasks in an automated fashion. First turn this trigger on
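Review bot: CUSTOM_EXE disappears from the config in this hunk (the header shrinks the region from 16 lines to 6, which matches the CUSTOM_EXE and BACKDOOR_EXECUTION blocks), yet the last hunk of this commit still sits under `if check_options("CUSTOM_EXE="):`. Confirm what check_options returns when the key is absent, and either keep a documented default for the key or note in the config where the option is now set, so that branch is not left as dead or surprising code.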
@ -146,11 +136,6 @@ WEBJACKING_TIME=2000
### and things like the pwniexpress need smaller set builds
SET_INTERACTIVE_SHELL=ON
#
### Digital signature stealing method must have the pefile Python modules loaded
### from http://code.google.com/p/pefile/. Be sure to install this before turning
### this flag on!!! This flag gives much better AV detection
DIGITAL_SIGNATURE_STEAL=OFF
#
### These two options will turn the upx packer to on and automatically attempt
### to pack the executable which may evade anti-virus a little better.
UPX_ENCODE=OFF
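Review bot: the removal of the DIGITAL_SIGNATURE_STEAL block here (the header drops 5 lines from this region) is not recorded in the version 6.3 changelog hunk, which only gains the entry about the randomized parameter. Add a changelog line for this option and for the two dropped in the previous hunk, so anyone carrying an older config can tell which keys are no longer in the shipped file.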

@ -20,6 +20,7 @@ version 6.3
* added the ability for powershell to execute first and if successful then not drop binary stager as last resort
* added a workaround for a metasploit bug that would cause bundle install issues when launching directly within the /opt/metasploit/apps/pro/msf3 directory or within the /usr/share/ framework directory. I first check for /usr/bin/msfconsole first and if there I do not append to the path variable in order to launch from anywhere
* added ability to use default msfconsole launcher if applicable from any path instead of from home directory - fixed in psexec, powershell injection, java applet, custom payloads, etc.
* randomized custom parameter name when deploying custom binaries to throw off static signatures
~~~~~~~~~~~~~~~~
version 6.2
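Review bot: the new entry "randomized custom parameter name" does not match the code in this commit: the replace in the last hunk keeps `param name="8"` and swaps only the value, from "CUST" to a generated string. Reword the entry to say the parameter value is randomized, and bring the `# we randomize param name` comment in the code into line with it.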

@ -34,7 +34,10 @@ if check_options("CUSTOM_EXE="):
fileopen3 = fileopen = file("%s/web_clone/index.html" % (setdir), "r")
filewrite = file("%s/web_clone/index.html.new" % (setdir), "w")
data = fileopen3.read()
data = data.replace('param name="8" value="YES"', 'param name="8" value="CUST"')
# we randomize param name so static sigs cant be used
goat_random = generate_random_string(4, 4)
data = data.replace('param name="8" value="YES"', 'param name="8" value="%s"' % (goat_random))
filewrite.write(data)
filewrite.close()
subprocess.Popen("mv %s/web_clone/index.html.new %s/web_clone/index.html" % (setdir,setdir), shell=True).wait()
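Review bot: on the final line the rename goes through `mv` with shell=True and setdir interpolated into the command string, so a path containing spaces or shell metacharacters either breaks the command or is interpreted by the shell. os.rename or shutil.move with the two paths does the same job without a shell. fileopen3 is also never closed before the move, and the `fileopen3 = fileopen = file(...)` double assignment binds a second name that these lines never use; a with-block around the read would tidy both.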