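#!/usr/bin/env python
"""Static menu labels and descriptive text for the toolkit's interactive menus.

Everything defined here is display data: lists of menu entries and the
paragraphs printed with them. Three values (version, operating system and
Metasploit path) are resolved once, at import time, through helpers imported
from ``src.core.setcore``.
"""

# readline is optional: importing it gives input() line editing and history
# where the platform provides it. Only a missing module is tolerated here; a
# bare ``except`` would also swallow KeyboardInterrupt and SystemExit.
try:
    import readline
except ImportError:
    pass

from src.core.setcore import bcolors, get_version, check_os, meta_path

# Each of the three calls below runs as a side effect of importing this module.

# grab version of SET
define_version = get_version()

# check operating system
operating_system = check_os()

# grab metasploit path
msf_path = meta_path()

# Messages for rejected port values (the code that validates ports is not in
# this module).
PORT_NOT_ZERO = "Port cannot be zero!"
PORT_TOO_HIGH = "Let's stick with the LOWER 65,535 ports..."

main_text = " Select from the menu:\n"

main_menu = [
    'Social-Engineering Attacks',
    'Fast-Track Penetration Testing',
    'Third Party Modules',
    'Update the Metasploit Framework',
    'Update the Social-Engineer Toolkit',
    'Update SET configuration',
    'Help, Credits, and About',
]

# NOTE(review): ``main`` is a list of labels, not an entry point. The name is
# kept because other modules presumably import it - confirm before renaming.
main = [
    'Spear-Phishing Attack Vectors',
    'Website Attack Vectors',
    'Infectious Media Generator',
    'Create a Payload and Listener',
    'Mass Mailer Attack',
    'Arduino-Based Attack Vector',
    'SMS Spoofing Attack Vector',
    'Wireless Access Point Attack Vector',
    'QRCode Generator Attack Vector',
    'Powershell Attack Vectors',
    'Third Party Modules',
]

# NOTE(review): every submenu list below ends with '0D'. It looks like a
# sentinel for the menu renderer rather than a label - confirm against the
# code that prints these lists.
spearphish_menu = [
    'Perform a Mass Email Attack',
    'Create a FileFormat Payload',
    'Create a Social-Engineering Template',
    '0D',
]

# The description strings are built by concatenating plain text with the
# bcolors.BOLD / bcolors.ENDC values. Adjacent literals are joined by the
# parser, so the resulting text is one continuous string.
spearphish_text = (
    """ The """ + bcolors.BOLD + """Spearphishing""" + bcolors.ENDC
    + """ module allows you to specially craft email messages and send """
    """them to a large (or small) number of people with attached fileformat malicious """
    """payloads. If you want to spoof your email address, be sure "Sendmail" is in- """
    """stalled (apt-get install sendmail) and change the config/set_config SENDMAIL=OFF """
    """flag to SENDMAIL=ON. There are two options, one is getting your feet wet and letting SET do """
    """everything for you (option 1), the second is to create your own FileFormat """
    """payload and use it in your own attack. Either way, good luck and enjoy! \n"""
)

webattack_menu = [
    'Java Applet Attack Method',
    'Metasploit Browser Exploit Method',
    'Credential Harvester Attack Method',
    'Tabnabbing Attack Method',
    'Man Left in the Middle Attack Method',
    'Web Jacking Attack Method',
    'Multi-Attack Web Method',
    'Create or import a CodeSigning Certificate',
    '0D',
]

fasttrack_menu = [
    'Microsoft SQL Bruter',
    'Custom Exploits',
    'SCCM Attack Vector',
    'Dell DRAC/Chassis Default Checker',
    '0D',
]

fasttrack_text = (
    """ Welcome to the Social-Engineer Toolkit - """ + bcolors.BOLD
    + """Fast-Track Penetration Testing platform""" + bcolors.ENDC
    + """. These attack vectors have a series of exploits and automation aspects to """
    """assist in the art of penetration testing. SET now incorporates the attack vectors """
    """leveraged in Fast-Track. All of these attack vectors have been completely """
    """rewritten and customized from scratch as to improve functionality and capabilities. """
)

fasttrack_exploits_menu1 = [
    'MS08-067 (Win2000, Win2k3, WinXP)',
    'Mozilla Firefox 3.6.16 mChannel Object Use After Free Exploit (Win7)',
    'Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection Exploit',
    'RDP | Use after Free - Denial of Service',
    'MySQL Authentication Bypass Exploit',
    'F5 Root Authentication Bypass Exploit',
    '0D',
]

fasttrack_exploits_text1 = (
    """ Welcome to the Social-Engineer Toolkit - Fast-Track Penetration Testing """
    + bcolors.BOLD + """Exploits Section""" + bcolors.ENDC
    + """. This menu has obscure exploits and ones that are primarily python driven. """
    """This will continue to grow over time. """
)

fasttrack_mssql_menu1 = [
    'Scan and Attack MSSQL',
    'Connect directly to MSSQL',
    '0D',
]

fasttrack_mssql_text1 = (
    """ Welcome to the Social-Engineer Toolkit - Fast-Track Penetration Testing """
    + bcolors.BOLD + """Microsoft SQL Brute Forcer""" + bcolors.ENDC
    + """. This attack vector will attempt to identify live MSSQL servers and brute """
    """force the weak account passwords that may be found. \n"""
    """If that occurs, SET will then compromise the affected system by deploying a """
    """binary to hexadecimal attack vector which will take a raw binary, convert it to """
    """hexadecimal and use a staged approach in deploying the hexadecimal form of the """
    """binary onto the underlying system. At this point, a trigger will occur to """
    """convert the payload back to a binary for us. """
)

webattack_text = (
    """ The Web Attack module is a unique way of utilizing multiple web-based attacks """
    """in order to compromise the intended victim. The """
    + bcolors.BOLD + """Java Applet Attack""" + bcolors.ENDC
    + """ method will spoof a Java Certificate and deliver a metasploit based payload. """
    """Uses a customized java applet created by Thomas Werth to deliver the payload. The """
    + bcolors.BOLD + """Metasploit Browser Exploit""" + bcolors.ENDC
    + """ method will utilize select Metasploit browser exploits through an iframe """
    """and deliver a Metasploit payload. The """
    + bcolors.BOLD + """Credential Harvester""" + bcolors.ENDC
    + """ method will utilize web cloning of a web- site that has a username and """
    """password field and harvest all the information posted to the website. The """
    + bcolors.BOLD + """TabNabbing""" + bcolors.ENDC
    + """ method will wait for a user to move to a different tab, then refresh the """
    """page to something different. The """
    + bcolors.BOLD + """Man Left in the Middle Attack""" + bcolors.ENDC
    + """ method was introduced by Kos and utilizes HTTP REFERER's in order to intercept """
    """fields and harvest data from them. You need to have an already vulnerable site and in- corporate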