DMofGM@gmail.com
b760505175
Found a lingering instance of raw_input in powershell.py
2019-10-31 03:26:36 +00:00
trustedsec
e8ace04b00
Merge pull request #648 from buzzdeee/py3_cStringIO_fix
...
python3 compatibility fix regarding cStringIO
2019-09-24 13:46:43 -04:00
trustedsec
f164e06e1c
Merge pull request #649 from buzzdeee/py3_email_fix
...
Fix py3 incompatibility with regard to email module
2019-09-24 13:46:18 -04:00
Sebastian Reitenbach
973e0c3dbb
Fix py3 incompatibility with regard to email module
...
Getting into Social-Engineering Attacks -> Mass Mailer Attack,
errors are thrown regarding the import of email modules.
This needs the fix in PR #648
2019-09-03 10:28:41 +02:00
Sebastian Reitenbach
8ded4aca69
Using Python 3, and getting into Social-Engineering Attacks ->
...
Mass Mailer Attack, SET throws an error:
Something went wrong, printing the error: No module named 'cStringIO'
This fixes it, the change to socket.py fixes the module name,
and the change to smtp_web fixes the exception name.
2019-09-03 09:59:10 +02:00
trustedsec
71d349d4df
Merge pull request #642 from meitar/fix-harvester-traversal
...
Fix bug where files for Tabnabbing and Webjacking were not served.
2019-07-23 11:30:38 -04:00
David Kennedy
c3f4a0eeca
fix hta attack vector issues on main menu
2019-07-23 11:28:23 -04:00
Meitar M
a4cdcd1478
Fix bug where files for Tabnabbing and Webjacking were not served.
...
This commit fixes a bug in the credential harvester Web attack
method that prevented these attacks from being successful.
Specifically, files needed for these attacks (e.g., `source.js`) in
the Web server's document root (`web_clone` folder) were treated as
though they were path traversal attacks, resulting an HTTP 404 sent
back to the (victim) browser; these attacks would fail.
In fact, files requested via URLs such as `/source.js` are valid
paths, but since they were not explicitly checked for in the same way
that the `index.html` and `index2.html` files were, these helper files
were not being served.
This fix improves URL handling by using Python's `os.path.relpath()`
method to ensure that all requested URLs are treated as relative to
the Web server's document root (`webroot` variable). This also
reliably prevents path traversal attacks because the
`requested_file` variable is always prepended with the Web root after
path calculations (normalizing `../` sequences, etcetera) have been
performed. As a result, the explicit check for the path traversal
detection is no longer needed; such requests will always error 404.
2019-07-17 13:35:33 -04:00
David Kennedy
0018154022
Merge branch 'master' of https://github.com/trustedsec/social-engineer-toolkit
2019-04-23 17:00:55 -04:00
David Kennedy
0187af1533
fix credential harvester issue when importing index.html
2019-04-23 16:58:21 -04:00
trustedsec
6109bc2dab
Merge pull request #609 from Lin8x/master
...
Changed the README.md
2019-04-03 09:33:57 -04:00
trustedsec
2b447fc8fd
Merge branch 'master' into master
2019-04-03 09:33:43 -04:00
TrustedSec
a0ee439c9f
update to version 8.0 beta
2019-03-21 18:44:20 -04:00
Lin8x
6c2f539c40
Update README.md
2019-03-12 08:40:04 -04:00
Lin8x
2f9c62de43
Update README.md
2019-03-12 08:39:38 -04:00
Lin8x
94f7e17a79
Update README.md
2019-03-12 08:38:50 -04:00
Lin8x
2fdb2c6861
Update README.md
2019-03-12 08:38:38 -04:00
Lin8x
21f3bf6425
Update README.md
2019-03-12 08:37:25 -04:00
Lin8x
f343f726cc
Update README.md
2019-03-12 08:36:53 -04:00
Lin8x
6d86729520
Update README.md
2019-03-12 08:36:32 -04:00
Lin8x
fd7c8a6b12
Update README.md
2019-03-12 08:34:54 -04:00
Lin8x
e282d37239
Update README.md
2019-03-12 08:32:54 -04:00
Lin8x
631f4ca23e
Update README.md
2019-03-12 08:31:17 -04:00
Lin8x
962ca494fb
Update README.md
2019-03-12 08:28:52 -04:00
Lin8x
c9c6e3ff97
Update README.md
2019-03-12 08:27:21 -04:00
Lin8x
662dec1b66
Update README.md
2019-03-12 08:25:57 -04:00
TrustedSec
f395647db4
remove html generation and only export xml
2019-02-23 16:50:43 -05:00
TrustedSec
fc7e0e518b
remove fsa attack and sms phishing no longer supported
2019-02-23 16:37:32 -05:00
TrustedSec
dec1a231d2
remove old code, bump version to 8
2019-02-23 16:33:02 -05:00
TrustedSec
8777ff9f20
fix sudo check
2019-02-23 16:18:18 -05:00
trustedsec
75158666ec
Merge pull request #585 from AlekKras/master
...
Fixed Ubuntu installation
2018-10-25 18:17:49 -04:00
alekkras
c1beb7c3e7
Fixed Ubuntu installation
2018-10-19 14:34:44 -04:00
TrustedSec
870b79b614
fix test code
2018-07-29 12:36:45 -04:00
TrustedSec
4e2af996b9
bump to 7.7.9 with fixes
2018-07-28 11:46:42 -04:00
TrustedSec
fe0423e1af
fix escaping issue
2018-06-04 11:14:12 -04:00
TrustedSec
7029a78834
fix indent issue in harvester
2018-05-28 13:22:35 -04:00
TrustedSec
7f06c516bd
add user to harvester
2018-05-25 10:37:20 -04:00
TrustedSec
dd1af737a4
code cleanup
2018-05-25 10:35:49 -04:00
TrustedSec
05fc71abb4
fix blank PDF template issue selection
2018-05-25 10:30:14 -04:00
TrustedSec
eb1fbb2d3d
format cleanup and version bump
2018-05-25 10:22:28 -04:00
TrustedSec
3b71bde2f2
old test code removal, add better wording, remove old templates
2018-05-25 10:18:51 -04:00
TrustedSec
bed41d34cb
remove test code
2018-05-25 09:46:56 -04:00
TrustedSec
7ce69503ec
fix indent
2018-05-22 11:00:29 -04:00
TrustedSec
2c36a6696c
update readme
2018-05-22 10:59:34 -04:00
TrustedSec
11a46a9d41
fix an issue where SET would not close with web server properly
2018-05-22 10:59:15 -04:00
TrustedSec
58725c44fa
fix and present PEM error messages
2018-05-15 11:48:02 -04:00
TrustedSec
49133d3e32
bump version, fix goat message
2018-05-15 11:21:27 -04:00
trustedsec
dad1604875
Merge pull request #525 from s0i37/master
...
added anti-blocking inline images in "Mass Mailer Attack"
2018-04-11 10:56:35 -04:00
s0i37
df230c2ec0
added anti-blocking inline images in "Mass Mailer Attack"
2018-03-20 19:41:56 +05:00
trustedsec
0ca44a6437
Merge pull request #507 from IonoclastBrigham/path-fixes
...
Path fixes
2018-02-22 13:34:30 -05:00
