#!/usr/bin/env python ######################################### # # The Social-Engineer Toolkit # Written by: David Kennedy (ReL1K) # ############################################### import shutil import os import time import re import sys import socket from src.core.setcore import * from src.core.menu import text me = mod_name() ############################################### # Define path and set it to the SET root dir ############################################### definepath = os.getcwd() sys.path.append(definepath) ################################################ # ROOT CHECK ################################################ # grab the operating system operating_system = check_os() # grab metasploit path msf_path = meta_path() if operating_system == "posix": if os.geteuid() != 0: print "\n The Social-Engineer Toolkit (SET) - by David Kennedy (ReL1K)" print "\n Not running as root. \n\nExiting the Social-Engineer Toolkit (SET).\n" sys.exit(1) define_version = get_version() # remove old stale files and restore java applet to original applet # cleanup_routine() try: while 1: show_banner(define_version, '1') ################################################### # USER INPUT: SHOW MAIN MENU # ################################################### debug_msg(me, "printing 'text.main'", 5) show_main_menu = create_menu(text.main_text, text.main) # special case of list item 99 print '\n 99) Return back to the main menu.\n' main_menu_choice = (raw_input(setprompt("0", ""))) if main_menu_choice == 'exit': break if operating_system == "windows" or msf_path == False: if main_menu_choice == "1" or main_menu_choice == "4" or main_menu_choice == "8" or main_menu_choice == "3": print_warning("Sorry. This feature is not yet supported in Windows or Metasploit was not found.") return_continue() break if main_menu_choice == '1': #'Spearphishing Attack Vectors while 1: ################################################### # USER INPUT: SHOW SPEARPHISH MENU # ################################################### if operating_system != "windows": debug_msg(me, "printing 'text.spearphish_menu'", 5) show_spearphish_menu = create_menu(text.spearphish_text, text.spearphish_menu) spearphish_menu_choice = raw_input(setprompt(["1"], "")) if spearphish_menu_choice == 'exit': exit_set() if spearphish_menu_choice == 'help': print text.spearphish_text # Spearphish menu choice 1: Perform a Mass Email Attack if spearphish_menu_choice == '1': sys.path.append("src/core/msf_attacks/") debug_msg(me, "importing 'src.core.msf_attacks.create_payload'", 1) try: reload(create_payload) except: pass import create_payload # Spearphish menu choice 2: Create a FileFormat Payload if spearphish_menu_choice == '2': sys.path.append("src/core/msf_attacks/") debug_msg(me, "importing 'src.core.msf_attacks.create_payload'", 1) try: reload(create_payload) except: import create_payload #Spearphish menu choice 3: Create a Social-Engineering Template if spearphish_menu_choice == '3': debug_msg(me, "calling function 'custom_template' from 'src.core.setcore'", 3) custom_template() #Spearphish menu choice 99 if spearphish_menu_choice == '99': break ##################### # Web Attack Menu ##################### # Main Menu choice 2: Website Attack Vectors if main_menu_choice == '2': while 1: ################################################### # USER INPUT: SHOW WEB ATTACK MENU # ################################################### debug_msg(me, "printing 'text.webattack_menu'", 5) show_webattack_menu = create_menu(text.webattack_text, text.webattack_menu) attack_vector = raw_input(setprompt(["2"], "")) choice3 = "" if attack_vector == 'exit': exit_set() if attack_vector == "": debug_msg(me, "no attack vector entered, defaulting to '1) Java Applet Attack Method'", 3) attack_vector = "1" # check unsupported features if operating_system == "windows" or msf_path == False: if attack_vector == "2" or attack_vector == "9": print_warning("Sorry. This option is not yet available in Windows or Metasploit was not found.") return_continue() break # Web Attack menu choice 9: Create or Import a CodeSigning Certificate if attack_vector == '8': sys.path.append("src/html/unsigned") debug_msg(me, "importing 'src.html.unsigned.verified_sign'", 1) try: reload(verified_sign) except: import verified_sign # Web Attack menu choice 9: Return to the Previous Menu if attack_vector == '99': break try: attack_check = int(attack_vector) except: print_error("ERROR:Invalid selection, going back to menu.") break if attack_check > 9: print_warning("Invalid option") return_continue() break # Removed to delete MLITM if attack_vector != "99999": ################################################### # USER INPUT: SHOW WEB ATTACK VECTORS MENU # ################################################### if attack_vector != "8": debug_msg(me, "printing 'text.webattack_vectors_menu'", 5) show_webvectors_menu = create_menu(text.webattack_vectors_text, text.webattack_vectors_menu) print ' 99) Return to Webattack Menu\n' choice3 = raw_input(setprompt(["2"], "")) if choice3 == 'exit': exit_set() if choice3 == "99": break if choice3 == "quit" or choice3 == '4': break try: # write our attack vector to file to be called later os.chdir(definepath) filewrite = file(setdir + "/attack_vector","w") # webjacking and web templates are not allowed if attack_vector == "6" and choice3 == "1": print bcolors.RED+ "\n Sorry, you can't use the Web Jacking vector with Web Templates."+ bcolors.ENDC return_continue() break # if we select multiattack, web templates are not allowed if attack_vector == "7" and choice3 == "1": print bcolors.RED+ "\n Sorry, you can't use the Multi-Attack vector with Web Templates." + bcolors.ENDC return_continue() break # if we select web template and tabnabbing, throw this error and bomb out to menu if attack_vector == "4" and choice3 == "1": print bcolors.RED+ "\n Sorry, you can only use the cloner option with the tabnabbing method." + bcolors.ENDC return_continue() break # if attack vector is default or 1 for java applet if attack_vector == '': attack_vector = '1' # specify java applet attack if attack_vector == '1': attack_vector = "java" filewrite.write(attack_vector) filewrite.close() # specify browser exploits if attack_vector == '2': attack_vector = "browser" filewrite.write(attack_vector) filewrite.close() if attack_vector == '': attack_vector = '3' # specify web harvester method if attack_vector == '3': attack_vector = "harvester" filewrite.write(attack_vector) filewrite.close() print_info("Credential harvester will allow you to utilize the clone capabilities within SET") print_info("to harvest credentials or parameters from a website as well as place them into a report") # specify tab nabbing attack vector if attack_vector == '4': attack_vector = "tabnabbing" filewrite.write(attack_vector) filewrite.close() # specify webjacking attack vector if attack_vector == "5": attack_vector = "webjacking" filewrite.write(attack_vector) filewrite.close() # specify Multi-Attack Vector attack_vector_multi = "" if attack_vector == '6': # trigger the multiattack flag in SET attack_vector = "multiattack" # write the attack vector to file filewrite.write(attack_vector) filewrite.close() # pull ip address if choice3 != "-1": fileopen = file("config/set_config", "r").readlines() for line in fileopen: line = line.rstrip() match = re.search("AUTO_DETECT=ON", line) if match: try: ipaddr = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) ipaddr.connect(('google.com', 0)) ipaddr.settimeout(2) ipaddr = ipaddr.getsockname()[0] update_options("IPADDR=" + ipaddr) except Exception, error: log(error) ipaddr = raw_input(setprompt(["2"], "Your interface IP Address")) update_options("IPADDR=" + ipaddr) # if AUTO_DETECT=OFF prompt for IP Address for line in fileopen: line = line.rstrip() match = re.search("AUTO_DETECT=OFF", line) if match: if attack_vector != "harvester": if attack_vector != "tabnabbing": if attack_vector != "webjacking": # this part is to determine if NAT/port forwarding is used # if it is it'll prompt for additional questions print_info("NAT/Port Forwarding can be used in the cases where your SET machine is") print_info("not externally exposed and may be a different IP address than your reverse listener.") nat_or_fwd = yesno_prompt('0', 'Are you using NAT/Port Forwarding [yes|no]') if nat_or_fwd == "YES": ipquestion = raw_input(setprompt(["2"], "IP address to SET web server (this could be your external IP or hostname)")) filewrite2 = file(setdir + "/interface", "w") filewrite2.write(ipquestion) filewrite2.close() # is your payload/listener on a different IP? natquestion = yesno_prompt(["2"], "Is your payload handler (metasploit) on a different IP from your external NAT/Port FWD address [yes|no]") if natquestion == 'YES': ipaddr = raw_input(setprompt(["2"], "IP address for the reverse handler (reverse payload)")) if natquestion == "NO": ipaddr = ipquestion # if you arent using NAT/Port FWD if nat_or_fwd == "NO": print_info("Enter the IP address of your interface IP or if your using an external IP, what") print_info("will be used for the connection back and to house the web server (your interface address)") ipaddr = raw_input(setprompt(["2"], "IP address or hostname for the reverse connection")) # here we check if they are using a hostname else we loop through until they have a legit one if validate_ip(ipaddr) == False: while 1: choice = raw_input(setprompt(["2"], "This is not an IP address. Are you using a hostname? [y/n] ")) if choice == "" or choice.lower() == "y": print_status("Roger that. Using hostnames moving forward..") break else: ipaddr = raw_input(setprompt(["2"], "IP address for the reverse connection")) if validate_ip(ipaddr) == True: break if attack_vector == "harvester" or attack_vector == "tabnabbing" or attack_vector == "webjacking": print_info("This option is used for what IP the server will POST to.") print_info("If you're using an external IP, use your external IP for this") ipaddr = raw_input(setprompt(["2"], "IP address for the POST back in Harvester/Tabnabbing")) update_options("IPADDR=" + ipaddr) # if java applet attack if attack_vector == "java": # Allow Self-Signed Certificates fileopen = file("config/set_config", "r").readlines() for line in fileopen: line = line.rstrip() match = re.search("SELF_SIGNED_APPLET=ON", line) if match: sys.path.append("src/html/unsigned/") debug_msg(me, "importing 'src.html.unsigned.self_sign'", 1) import self_sign # Select SET quick setup if choice3 == '1': # get the template ready sys.path.append("src/html/templates") debug_msg(me, "importing src.html.templates.template'", 1) try: reload(template) except: import template # grab browser exploit selection if attack_vector == "browser": # grab clientattack sys.path.append("src/webattack/browser_exploits") debug_msg(me, "line 357: importing 'src.webattack.browser_exploits.gen_payload'", 1) try: reload(gen_payload) except: import gen_payload # arp cache attack, will exit quickly # if not in config file sys.path.append("src/core/arp_cache") debug_msg(me, "line 364: importing 'src.core.arp_cache.arp'", 1) try: reload(arp) except: import arp # actual website attack here # web_server.py is main core sys.path.append("src/html/") # clean up stale file if os.path.isfile(setdir + "/cloner.failed"): os.remove(setdir + "/cloner.failed") site_cloned = True debug_msg(me, "line 375: importing 'src.webattack.web_clone.cloner'", 1) try: reload(src.webattack.web_clone.cloner) except: import src.webattack.web_clone.cloner # grab java applet attack if attack_vector == "java": debug_msg(me, "importing 'src.core.payloadgen.create_payloads'", 1) try: reload(src.core.payloadgen.create_payloads) except: import src.core.payloadgen.create_payloads if os.path.isfile(setdir + "/cloner.failed"): site_cloned = False if site_cloned == True: # cred harvester for auto site here if attack_vector == "harvester" or attack_vector == "tabnabbing" or attack_vector == "webjacking": if attack_vector == "tabnabbing" or attack_vector == "webjacking": debug_msg(me, "importing 'src.webattack.tabnabbing.tabnabbing'", 1) try:reload(src.webattack.tabnabbing) except: import src.webattack.tabnabbing # start web cred harvester here # sys.path.append("src/webattack/harvester") debug_msg(me, "importing 'src.webattack.harvester.harvester'", 1) try: reload(src.webattack.harvester.harvester) except: import src.webattack.harvester.harvester # if we are using profiler lets prep everything to get ready if attack_vector == "profiler": from src.webattack.profiler.webprofiler import * prep_website() if attack_vector != "harvester": if attack_vector != "tabnabbing": if attack_vector != "multiattack": if attack_vector != "webjacking": if attack_vector != "multiattack": if attack_vector != "profiler": # spawn web server here debug_msg(me, "importing 'src.html.spawn'", 1) import src.html.spawn # multi attack vector here if attack_vector == "multiattack": if choice3 == "1": try: filewrite = file("src/progam_junk/multiattack.template","w") filewrite.write("TEMPLATE=TRUE") filewrite.close() except: pass debug_msg(me, "importing 'src.webattack.multi_attack.multiattack'", 1) import src.webattack.multi_attack.multiattack # Create a website clone if choice3 == '2': # flag that we want a custom website sys.path.append("src/webattack/web_clone/") if os.path.isfile(setdir + "/site.template"): os.remove(setdir + "/site.template") filewrite = file(setdir + "/site.template", "w") filewrite.write("TEMPLATE=CUSTOM") print_info("SET supports both HTTP and HTTPS") # specify the site to clone print_info("Example: http://www.thisisafakesite.com") URL = raw_input(setprompt(["2"], "Enter the url to clone")) match = re.search("http://", URL) match1 = re.search("https://", URL) if not match: if not match1: URL = ("http://"+URL) match2 = re.search("facebook.com", URL) if match2: URL = ("https://login.facebook.com/login.php") filewrite.write("\nURL=%s" % (URL)) filewrite.close() # grab browser exploit selection if attack_vector == "browser": # grab clientattack sys.path.append("src/webattack/browser_exploits") debug_msg(me, "importing 'src.webattack.browser_exploits.gen_payload'", 1) try: reload(gen_payload) except: import gen_payload # set site cloner to true site_cloned = True if attack_vector != "multiattack": # import our website cloner site_cloned = True debug_msg(me, "importing 'src.webattack.web_clone.cloner'", 1) try: reload(src.webattack.web_clone.cloner) except: import src.webattack.web_clone.cloner if os.path.isfile(setdir + "/cloner.failed"): site_cloned = False if site_cloned == True: if attack_vector == "java": # import our payload generator debug_msg(me, "importing 'src.core.payloadgen.create_payloads'", 1) try: reload(src.core.payloadgen.create_payloads) except: import src.core.payloadgen.create_payloads # arp cache if applicable sys.path.append("src/core/arp_cache") debug_msg(me, "line 500: importing 'src.core.arp_cache.arp'", 1) try: reload(arp) except: import arp # tabnabbing and harvester selection here if attack_vector == "harvester" or attack_vector == "tabnabbing" or attack_vector == "webjacking": if attack_vector == "tabnabbing" or attack_vector == "webjacking": sys.path.append("src/webattack/tabnabbing") debug_msg(me, "importing 'src.webattack.tabnabbing.tabnabbing'", 1) try: reload(tabnabbing) except: import tabnabbing sys.path.append("src/webattack/harvester") debug_msg(me, "importing 'src.webattack.harvester.harvester'", 1) try: reload(harvester) except: import harvester # multi_attack vector here if attack_vector == "multiattack": sys.path.append("src/webattack/multi_attack/") debug_msg(me, "importing 'src.webattack.multi_attack.multiattack'", 1) try: reload(multiattack) except: import multiattack # if we arent using credential harvester or tabnabbing if attack_vector != "harvester": if attack_vector != "tabnabbing": if attack_vector != "multiattack": if attack_vector != "webjacking": sys.path.append("src/html") debug_msg(me, "importing 'src.html.spawn'", 1) try: reload(spawn) except: import spawn # Import your own site if choice3 == '3': sys.path.append("src/webattack/web_clone/") if os.path.isfile(setdir + "/site.template"): os.remove(setdir + "/site.template") filewrite = file(setdir + "/site.template", "w") filewrite.write("TEMPLATE=SELF") # specify the site to clone if not os.path.isdir(setdir + "/web_clone"): os.makedirs(setdir + "/web_clone") print_warning("Example: /home/website/ (make sure you end with /)") print_warning("Also note that there MUST be an index.html in the folder you point to.") URL = raw_input(setprompt(["2"], "Path to the website to be cloned")) if not URL.endswith("/"): if not URL.endswith("index.html"): URL = URL + "/" if not os.path.isfile(URL+"index.html"): if os.path.isfile(URL): shutil.copyfile("%s" % (URL), setdir + "/web_clone/index.html") if not os.path.isfile(URL): if URL.endswith("index.html"): shutil.copyfile(URL, "%s/web_clone/index.html" % (setdir)) else: print_error("ERROR:index.html not found!!") print_error("ERROR:Did you just put the path in, not file?") print_error("Exiting the Social-Engineer Toolkit...Hack the Gibson.\n") exit_set() if os.path.isfile(URL+"index.html"): print_status("Index.html found. Do you want to copy the entire folder or just index.html?") choice = raw_input("\n1. Copy just the index.html\n2. Copy the entire folder\n\nEnter choice [1/2]: ") if choice == "1" or choice == "": if os.path.isfile("%s/web_clone/index.html" % (setdir)): os.remove("%s/web_clone/index.html" % (setdir)) shutil.copyfile(URL + "index.html", "%s/web_clone/" % (setdir)) if choice == "2": if os.path.isdir(URL + "src/webattack"): print_error("You cannot specify a folder in the default SET path. This goes into a loop Try something different.") URL = raw_input("Enter the folder to import into SET, this CANNOT be the SET directory: ") if os.path.isdir(URL + "src/webattack" % (URL)): print_error("You tried the same thing. Exiting now.") sys.exit() copyfolder(URL, "%s/web_clone/" % setdir) filewrite.write("\nURL=%s" % (URL)) filewrite.close() # if not harvester then load up cloner if attack_vector == "java" or attack_vector == "browser": # import our website cloner debug_msg(me, "importing 'src.webattack.web_clone.cloner'", 1) import src.webattack.web_clone.cloner # if java applet attack if attack_vector == "java": # import our payload generator debug_msg(me, "importing 'src.core.payloadgen.create_payloads'", 1) import src.core.payloadgen.create_payloads # grab browser exploit selection if attack_vector == "browser": # grab clientattack sys.path.append("src/webattack/browser_exploits") debug_msg(me, "importing 'src.webattack.browser_exploits.gen_payload'", 1) try: reload(gen_payload) except: import gen_payload # arp cache if applicable sys.path.append("src/core/arp_cache") debug_msg(me, "line 592: importing 'src.core.arp_cache.arp'", 1) try: reload(arp) except: import arp # if not harvester spawn server if attack_vector == "java" or attack_vector == "browser": # import web_server and do magic sys.path.append("src/html") debug_msg(me, "importing 'src.html.spawn'", 1) try: reload(spawn) except: import spawn # cred harvester for auto site here if attack_vector == "harvester": # get the url print_info("Example: http://www.blah.com") URL = raw_input(setprompt(["2"], "URL of the website you imported")) match = re.search("http://", URL) match1 = re.search("https://", URL) if not match: if not match1: URL = ("http://"+URL) filewrite = file(setdir + "/site.template","w") filewrite.write("\nURL=%s" % (URL)) filewrite.close() # start web cred harvester here sys.path.append("src/webattack/harvester") debug_msg(me, "importing 'src.webattack.harvester.harvester'", 1) try: reload(harvester) except: import harvester # tabnabbing for auto site here if attack_vector == "tabnabbing" or attack_vector == "webjacking": # get the url print_info("Example: http://www.blah.com") URL = raw_input(setprompt(["2"], "URL of the website you imported")) match = re.search("http://", URL) match1 = re.search("https://", URL) if not match: if not match1: URL = ("http://"+URL) filewrite = file(setdir + "/site.template","w") filewrite.write("\nURL=%s" % (URL)) filewrite.close() # start tabnabbing here sys.path.append("src/webattack/tabnabbing") debug_msg(me, "importing 'src.webattack.tabnabbing.tabnabbing'", 1) try: reload(tabnabbing) except: import tabnabbing # start web cred harvester here sys.path.append("src/webattack/harvester") debug_msg(me, "importing 'src.webattack.harvester.harvester'", 1) try: reload(harvester) except: import harvester # multi attack vector here if attack_vector == "multiattack": try: filewrite = file("src/progam_junk/multiattack.template","w") filewrite.write("TEMPLATE=TRUE") filewrite.close() except: pass debug_msg(me, "importing 'src.webattack.multi_attack.multiattack'", 1) import src.webattack.multi_attack.multiattack # Return to main menu if choice3 == '4': print (" Returning to main menu.\n") break except KeyboardInterrupt: print " Control-C detected, bombing out to previous menu.." break # Define Auto-Infection USB/CD Method here if main_menu_choice == '3': ################################################### # USER INPUT: SHOW INFECTIOUS MEDIA MENU # ################################################### # Main Menu choice 3: Infectious Media Generator debug_msg(me, "printing 'text.infectious_menu'", 5) show_infectious_menu = create_menu(text.infectious_text, text.infectious_menu) infectious_menu_choice = raw_input(setprompt(["3"], "")) if infectious_menu_choice == 'exit': exit_set() if infectious_menu_choice == "99": menu_back() if infectious_menu_choice == "": infectious_menu_choice = "1" # if fileformat if infectious_menu_choice == "1": ipaddr = raw_input(setprompt(["3"], "IP address for the reverse connection (payload)")) update_options("IPADDR=" + ipaddr) filewrite1 = file(setdir + "/payloadgen", "w") filewrite1.write("payloadgen=solo") filewrite1.close() # if choice is file-format if infectious_menu_choice == "1": filewrite = file(setdir + "/fileformat.file","w") filewrite.write("fileformat=on") filewrite.close() sys.path.append("src/core/msf_attacks/") debug_msg(me, "importing 'src.core.msf_attacks.create_payload'", 1) try: reload(create_payload) except: import create_payload # if choice is standard payload if infectious_menu_choice == "2": filewrite = file(setdir + "/standardpayload.file", "w") filewrite.write("standardpayload=on") filewrite.close() #sys.path.append("src/core/payloadgen/") #try: reload(create_payloads) #except: import create_payloads debug_msg(me, "importing 'src.core.payloadgen.create_payloads'", 1) import src.core.payloadgen.create_payloads if infectious_menu_choice != "99": # import the autorun stuff sys.path.append("src/autorun/") debug_msg(me, "importing 'src.autorun.autorun'", 1) try: reload(autorun) except: import autorun if infectious_menu_choice == "2": sys.path.append("src/core/payloadgen/") debug_msg(me, "importing 'src.core.payloadgen.solo'", 1) try: reload(solo) except: import solo # # # Main Menu choice 4: Create a Payload and Listener # # if main_menu_choice == '4': filewrite = file(setdir + "/payloadgen", "w") filewrite.write("payloadgen=solo") filewrite.close() debug_msg(me, "importing 'src.core.payloadgen.create_payloads'", 1) import src.core.payloadgen.create_payloads print_status("Your payload is now in the root directory of SET as msf.exe") if os.path.isfile(setdir + "/meterpreter.alpha"): print "[*] Saving alphanumeric shellcode in root directory of SET as meterpreter.alpha" shutil.copyfile(setdir + "/meterpreter.alpha", "meterpreter.alpha") if os.path.isfile(setdir + "/msf.exe"): shutil.copyfile(setdir + "/msf.exe", "msf.exe") # if we didn't select the SET interactive shell or RATTE if not os.path.isfile(setdir + "/set.payload"): upx_check = check_config("UPX_ENCODE=") if upx_check.lower() == "on": upx("msf.exe") # if the set payload is there if os.path.isfile(setdir + "/set.payload"): shutil.copyfile(setdir + "/msf.exe", "msf.exe") sys.path.append("src/core/payloadgen/") debug_msg(me, "importing 'src.core.payloadgen.solo'", 1) try: reload(solo) except: import solo return_continue() # Main Menu choice 5: Mass Mailer Attack if main_menu_choice == '5': sys.path.append("src/phishing/smtp/client") debug_msg(me, "importing 'src.phishing.smtp.client.smtp_web'", 1) try: reload(smtp_web) except: import smtp_web # Main Menu choice 6: Teensy USB HID Attack Vector if main_menu_choice == '6': ################################################### # USER INPUT: SHOW TEENSY MENU # ################################################### debug_msg(me, "printing 'text.teensy_menu'", 5) show_teensy_menu = create_menu(text.teensy_text, text.teensy_menu) teensy_menu_choice = raw_input(setprompt(["6"], "")) if teensy_menu_choice == 'exit': exit_set() # if not return to main menu yes_or_no = '' if teensy_menu_choice != "99": # set our teensy info file in program junk filewrite = file(setdir + "/teensy", "w") filewrite.write(teensy_menu_choice+"\n") if teensy_menu_choice != "3" and teensy_menu_choice != "7" and teensy_menu_choice !="8" and teensy_menu_choice !="9" and teensy_menu_choice !="10" and teensy_menu_choice != "11" and teensy_menu_choice != "12" and teensy_menu_choice != "13": yes_or_no = yesno_prompt("0","Do you want to create a payload and listener [yes|no]: ") if yes_or_no == "YES": filewrite.write("payload") filewrite.close() # load a payload sys.path.append("src/core/payloadgen") debug_msg(me, "importing 'src.core.payloadgen.create_payloads'", 1) try: reload(create_payloads) except: import create_payloads if yes_or_no == "NO": filewrite.close() # need these default files for web server load filewrite = file(setdir + "/site.template", "w") filewrite.write("TEMPLATE=CUSTOM") filewrite.close() filewrite = file(setdir + "/attack_vector", "w") filewrite.write("hid") filewrite.close() # if we are doing binary2teensy if teensy_menu_choice != "7" and teensy_menu_choice !="8" and teensy_menu_choice != "9" and teensy_menu_choice !="10" and teensy_menu_choice != "11" and teensy_menu_choice != "12": sys.path.append("src/teensy") debug_msg(me, "importing 'src.teensy.teensy'", 1) try: reload(teensy) except: import teensy if teensy_menu_choice == "7": debug_msg(me, "importing 'src.teensy.binary2teensy'", 1) import src.teensy.binary2teensy # if we are doing sd2teensy attack if teensy_menu_choice == "8": debug_msg(me, "importing 'src.teensy.sd2teensy'", 1) import src.teensy.sd2teensy # if we are doing the sd2teensy osx attack if teensy_menu_choice == "9": print_status("Generating the SD2Teensy OSX pde file for you...") shutil.copyfile("src/teensy/osx_sd2teensy.pde %s/reports/" % (setdir)) print_status("File has been exported to ~/.set/reports/osx_sd2teensy.pde") return_continue() # if we are doing the X10 Arduino Sniffer if teensy_menu_choice == "10": print_status("Generating the Arduino sniffer and libraries pde..") if not os.path.isdir(setdir + "/reports/arduino_sniffers"): os.makedirs(setdir + "/reports/arduino_sniffers") shutil.copyfile("src/teensy/x10/x10_sniffer.pde", setdir + "/reports/arduino_sniffer") shutil.copyfile("src/teensy/x10/libraries.zip", setdir + "/reports/arduino_sniffer/") print_status("Arduino sniffer files and libraries exported to ~/.set/reports/arduino_sniffer") return_continue() # if we are doing the X10 Jammer if teensy_menu_choice == "11": print_status("Generating the Arduino jammer pde and libraries...") if not os.path.isdir(setdir + "/reports/arduino_jammer"): os.makedirs(setdir + "/reports/arduino_jammer") shutil.copyfile("src/teensy/x10/x10_blackout.pde", setdir + "/reports/arduino_jammer") shutil.copyfile("src/teensy/x10/libraries.zip", setdir + "/reports/arduino_hammer") print_status("Arduino jammer files and libraries exported to ~/.set/reports/arduino_jammer") return_continue() # powershell shellcode injection if teensy_menu_choice == "12": print_status("Generating the Powershell - Shellcode injection pde..") debug_msg(me, "importing 'src.teensy.powershell_shellcode'", 1) import src.teensy.powershell_shellcode if teensy_menu_choice == "99": teensy_menu_choice = None # # Main Menu choice 8: Wireless Attack Point Attack Vector # if main_menu_choice == '8': if operating_system == "windows": print_warning("Sorry. The wireless attack vector is not yet supported in Windows.") return_continue() if operating_system != "windows": # set path to nothing airbase_path = "" dnsspoof_path = "" # need to pull the SET config file fileopen = file("config/set_config", "r") for line in fileopen: line = line.rstrip() match = re.search("AIRBASE_NG_PATH=", line) if match: airbase_path = line.replace("AIRBASE_NG_PATH=", "") match1 = re.search("DNSSPOOF_PATH=", line) if match1: dnsspoof_path = line.replace("DNSSPOOF_PATH=", "") if not os.path.isfile(airbase_path): if not os.path.isfile("/usr/local/sbin/airbase-ng"): print_warning("Warning airbase-ng was not detected on your system. Using one in SET.") print_warning("If you experience issues, you should install airbase-ng on your system.") print_warning("You can configure it through the set_config and point to airbase-ng.") airbase_path = ("src/wireless/airbase-ng") if os.path.isfile("/usr/local/sbin/airbase-ng"): airbase_path = "/usr/local/sbin/airbase-ng" if not os.path.isfile(dnsspoof_path): if os.path.isfile("/usr/local/sbin/dnsspoof"): dnsspoof_path = "/usr/local/sbin/dnsspoof" # if we can find airbase-ng if os.path.isfile(airbase_path): if os.path.isfile(dnsspoof_path): # start the menu here while 1: ################################################### # USER INPUT: SHOW WIRELESS MENU # ################################################### debug_msg(me, "printing 'text.wireless_attack_menu'", 5) show_wireless_menu = create_menu(text.wireless_attack_text, text.wireless_attack_menu) wireless_menu_choice = raw_input(setprompt(["8"], "")) # if we want to start access point if wireless_menu_choice == "1": sys.path.append("src/wireless/") debug_msg(me, "importing 'src.wireless.wifiattack'", 1) try: reload(wifiattack) except: import wifiattack # if we want to stop the wifi attack if wireless_menu_choice == "2": sys.path.append("src/wireless/") debug_msg(me, "importing 'src.wireless.stop_wifiattack'", 1) try: reload(stop_wifiattack) except: import stop_wifiattack # if we want to return to the main menu if wireless_menu_choice == "99": print (" [*] Returning to the main menu ...") break if not os.path.isfile(dnsspoof_path): if not os.path.isfile("/usr/local/sbin/dnsspoof"): print_error("ERROR:DNS Spoof was not detected. Check the set_config file.") return_continue() # # END WIFI ATTACK MODULE # # Main Menu choice 9: QRCode Generator if main_menu_choice == '9': try: from PIL import Image, ImageDraw from src.qrcode.qrgenerator import * print """ The QRCode Attack Vector will create a QRCode for you with whatever URL you want. When you have the QRCode Generated, select an additional attack vector within SET and deploy the QRCode to your victim. For example, generate a QRCode of the SET Java Applet and send the QRCode via a mailer. """ url = raw_input("Enter the URL you want the QRCode to go to: ") # if the reports directory does not exist then create it if not os.path.isdir("%s/reports" % (setdir)): os.makedirs("%s/reports" % (setdir)) gen_qrcode(url) pause = raw_input("QRCode generated.") return_continue() except ImportError: print_error("This module requires python-imaging to work properly.") print_error("In Ubuntu do apt-get install python-imaging") print_error("Else refer to here for installation: http://code.google.com/appengine/docs/python/images/installingPIL.html") return_continue() # Main Menu choice 10: PowerShell Attacks if main_menu_choice == '10': #show_powershell_menu = create_menu(text.powershell_text, text.powershell_menu) #powershell_menu_choice = raw_input(setprompt(["1"], "")) import src.powershell.powershell # Main Menu choice 11: Third Party Modules if main_menu_choice == '11': sys.path.append("src/core") debug_msg(me, "importing 'src.core.module_handler'", 1) try: reload(module_handler) except: import module_handler # Main Menu choice 99: Exit the Social-Engineer Toolkit if main_menu_choice == '99': break # Main Menu choice 7: SMS Spoofing Attack Vector if main_menu_choice == '7': sms_menu_choice = '0' while sms_menu_choice != '3': ################################################### # USER INPUT: SHOW SMS MENU # ################################################### debug_msg(me, "printing 'text.sms_attack_text'", 5) show_sms_menu = create_menu(text.sms_attack_text, text.sms_attack_menu) sms_menu_choice = raw_input(setprompt(["7"], "")) if sms_menu_choice == 'exit': exit_set() if sms_menu_choice == '1': sys.path.append("src/sms/client/") debug_msg(me, "importing 'src.sms.client.sms_client'", 1) try: reload(sms_client) except: import sms_client if sms_menu_choice == '2': sys.path.append("src/sms/client/") debug_msg(me, "importing 'src.sms.client.custom_sms_template'", 1) try: reload(custom_sms_template) except: import custom_sms_template if sms_menu_choice == '99': break # handle keyboard interrupts except KeyboardInterrupt: print "\n\n Thank you for " + bcolors.RED+"shopping" + bcolors.ENDC+" with the Social-Engineer Toolkit.\n\n Hack the Gibson...and remember...hugs are worth more than handshakes.\n"