Tools no image

Published on April 2nd, 2011 | by NJ Ouchn


The Social-Engineer Toolkit (SET) v1.3 “Artillery Edition” Released


The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly became a standard tool in a penetration testers arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test.

This is a major release and about 4 months of straight development that adds a ton of new features. For a list of changes, check out the previous blog post which has them listed and check out the new teaser video! This has a number of changes to highlight a couple of the major, a completely custom interactive SET shell and RATTE a HTTP tunneling blowfish encrypted payload. Also a new attack vector including the wireless attack vector which will setup a rogue access point, spoof DNS, and launch the different SET attack vectors. Have fun and enjoy!


  • Updated the web-gui interface to reflect all new PDF exploits
  • Updated the web-gui interface to reflect all new client-side exploits
  • Added a new setup.py installer file for debian based systems only, will add manual install options later
  • Updated all of the powershell HID attack vectors to fix bugs and support multi-language support. Thanks padzero!
  • Added AES encryption to the socket communication, it requires Crypto.Cipher which is from the PyCrypto libraries.
  • Added python-crypto to the installer setup.py installation
  • Fixed web-gui alignment on new options so they match up properly to SET-interface
  • Added better error handling around the openssl python module if it isn’t installed
  • Added download_file capabilities into the SET interactive shell.
  • Added upload_file capabilites into the SET interactive shell.
  • Added shell capabilties into the SET interactive shell.
  • Added ssh_tunneling capabilities into the SET interactive shell. You can tunnel any port you want to over ssh
  • Added a teensy Gnome wget payload thanks to Hugo Caron (y0ug)!
  • Fixed a bug in a menu where teensy payload return to menu would not return properly to main menu
  • Fixed a bug where the Mass Mailer Menu didn’t properly return back to main menu when specified.
  • Added process list in the SET interactive shell.
  • Added process kill in the SET interactive shell.
  • Added dsniff to set_config as an option instead of ettercap, can use either one.
  • Added centralized logging in SET, log files will now be dumped to src/logs/set_logfile.log
  • Added logging to main SET interface, handles main SET interactive shell errors
  • Added logging to arp_cache.py file, handles arp cache errors
  • Added logging to hijacking.py file, handles dll_hijacking errors
  • Added logging to harvester.py file, handles credential harvesting errors
  • Added logging to payloadgen.py file, handles payload generation errors
  • Fixed a bug where if site wouldn’t clone properly it would just exit SET, it now just returns back to main menu.
  • Fixed a bug where the new addition to dnsspoof would not properly kill dnsspoof when exiting SET, it now terminates when an exception is thrown
  • Added logging to web_server.py file, handles main SET web server errors
  • Added logging to spawn.py file, handles main spawn handles for SET
  • Added the ability to specify high priority during emails or not, thanks Jonathan Murray!
  • Added new core module libary called log(error) will centralize log messages through core function calls
  • Added the new Sun Java Applet2ClassLoader Remote Code Execution Exploit from Frederic Hoguin and jduck that was recently added to Metasploit
  • Moved version number to src/main/ instead of src root
  • Added the new RATTE payloads to SET that was created by Thomas Werth to circumvent firewall based restrictions. Awesome addition!
  • Added the new DSNIFF changes to the web gui to ensure that when the option is enabled in set_config it now gets picked up in web gui
  • Fixed a bug in web gui where if HTML/Plain wasn’t specified, it would not properly run the answer file to launch the attack
  • Added the SET interactive shell to the Java Applet Attack Vector on the SET web-gui
  • Fixed a mishandling of OS.Error exceptions in spawn.py which caused SET to spit out a pexpect exceptions error when using KeyBoardInterrupt exceptions handler
  • Deleted the database directory under src, was no longer needed
  • Added the Sun Java Applet2ClassLoader Remote Code Execution by Frederic Hoguin and jduck to the web gui interface
  • Added RATTE to the SET Web GUI under the payload selection area, it’s only to be used for the Java Applet attack.
  • Added the Adobe Flash Player AVM Bytecode Verification Vulnerability from the Metasploit Framework to SET
  • Added the Adobe Flash Player AVM Bytecode Verification Vulnerability to the SET web gui.
  • Added six more spear-phishing templates that can be found under the spear-phish attack menu
  • Added a new attack vector called the SET Wireless Attack Vector, this will create a fake access point and redirect all traffic to you
  • Added the ability to stop all services/processes started by the SET Wireless Attack vector, it is now under the options menu
  • Added the Thomas Werth RATTE module to third party modules as well as under the main payload section. Great example to tweak third party modules and add things.
  • Added airbase-ng to SET in case it is not installed. Thanks to Mister-X for the approval to include it into SET!
  • Added new wireless attack vector to the SET web gui, menus have been changed slightly
  • Added the new templates recently added to the SET web gui, they are under the spear-phish menu
  • Added a binary rewrite of UPX encoder stubs so that it randomizes a three character alphanumeric to remove UPX from the binary. A bit better obfsucation for A/V detection.
  • Fixed a bug where upx encoding wasn’t working properly and wouldn’t encode the right binary
  • Added a new core module called core.upx(path_to_file) which will automatically encode the file via upx and rewrite the UPX stubs with a three character alphanumeric stub
  • Fixed a bug in the SET interactive shell that was causing it to fail if the pycrypto modules were not installed.


Tags: , , ,

About the Author

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"

Back to Top ↑