The Social-Engineer Toolkit (SET)

HAcK WhatEver as Your Wish

The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the launch and has quickly became a standard tool in a penetration testers arsenal.

It is a python Programme and it can install by Python.

Recommended : Kali Linux.

Download ( SET ) - https://userscloud.com/1iffynp9d2ss

User Manual Pdf - https://userscloud.com/16xla0m8kcca

********** https://www.facebook.com/command.xnd/ **********

Tutorials

Section 1. Configure BackTrack Virtual Machine Settings

Open Your VMware Player
- Instructions:
  1. On Your Host Computer, Go To
  2. Start --> All Program --> VMWare --> VMWare Player
Edit BackTrack Virtual Machine Settings
- Instructions:
  1. Highlight BackTrack5R1
  2. Click Edit virtual machine settings
Edit Network Adapter

Instructions:
1. Highlight Network Adapter
2. Select Bridged
3. Do not Click on the OK Button.

Section 2. Login to BackTrack

Start BackTrack VM Instance
- Instructions:
  1. Start Up VMWare Player
  2. Select BackTrack5R1
  3. Play virtual machine
Login to BackTrack
- Instructions:
  1. Login: root
  2. Password: toor or <whatever you changed it to>.
Bring up the GNOME
- Instructions:
  1. Type startx

Section 3. Open Console Terminal and Retrieve IP Address

Open a console terminal
- Instructions:
  1. Click on the console terminal
Get IP Address
- Instructions:
  1. ifconfig -a
- Notes(FYI):
  1. As indicated below, my IP address is 192.168.1.108.
  2. Please record your IP address.
  3. If you don't obtain an IP Address, type "dhclient".

Section 4. Start the Social Engineering ToolKit

Start Social Engineering ToolKit
- Instructions:
  1. cd /pentest/exploits/set
  2. ./set
Website Attack Vector
- Instructions:
  1. Select 2
Select Credential Harvester Method
- Instructions:
  1. Select 3
Select Site Cloner
- Instructions:
  1. Select 2
Enter URL to Clone
- Instructions:
  1. https://www.facebook.com/login.php
  2. Press <Enter>
Website Cloning
- Instructions:
  1. It might take a few minutes to clone the site.
  2. Just Press <Enter>
  3. Then Continue to the Next Section to text this exploit.
- Note(FYI):
  1. Now you have created a cloned facebook login webpage that is listening on port 80.

Section 5. Start Up Windows Machine

Social Engineering Note
- The Victim does not have to use the below VMware Instance.
- It can be any type of web browser (i.e., Internet Explorer, Firefox, Chrome, etc) for any type of Operating System (Windows, Linux, MacOS, etc).
- Image an attacker sending an email to the victim that reads, "Hey Check out the new beta version of facebook", or whatever website that was cloned.

Start Up Damn Vulnerable WXP-SP2.
- Instructions:
  1. Click on Damn Vulnerable WXP-SP2
  2. Click on Edit virtual machine Settings
- Note(FYI):
  - For those of you not part of my class, this is a Windows XP machine running SP2.
Edit Virtual Machine Settings
- Instructions:
  1. Click on Network Adapter
  2. Click on the Bridged Radio button
  3. Click on the OK Button
Play Virtual Machine
- Instructions:
  1. Click on Damn Vulnerable WXP-SP2
  2. Click on Play virtual machine
Logging into Damn Vulnerable WXP-SP2.
- Instructions:
  1. Username: administrator
  2. Password: Use the Class Password or whatever you set it.
Open a Command Prompt
- Instructions:
  1. Start --> All Programs --> Accessories --> Command Prompt
Obtain Damn Vulnerable WXP-SP2's IP Address
- Instructions:
  1. ipconfig
- Note(FYI):
  1. In my case, Damn Vulnerable WXP-SP2's IP Address 192.168.1.109.
  2. This is the IP Address of the Victim Machine that will be attacked by Metasploit.
  3. Record your Damn Vulnerable WXP-SP2's IP Address.

Section 6. Start Up a Web Browser

Start Up Internet Explorer
- Instructions:
  1. Start --> All Programs --> Internet Explorer
Victim Clicks on Link
- Note(FYI):
  - Replace 192.168.1.108 with BackTrack's IP Address obtain from (Section 3, Step 2).
- Instructions:
  1. Place the BackTrack IP in the Address Bar.
    - In my case, http://192.168.1.108
  2. Provide a test UserID.
  3. Provide a test Password.
  4. Click Login.
Analyzing Results After Login
- Instructions:
  1. Notice that the Address URL changed to Facebook.
    - This is to give the victim a sense of perhaps a failed login attempt instead of invoking suspicion and alarm.
  2. Notice the Email textbox is populated with the Login you previous supplied to Cloned Webpage.
  3. Continue to the next section to see the victim's username and password.

Section 7. View Victim's Username and Password

Viewing Victim's Username and Password
- Instructions: (On BackTrack)
  1. Notice that now you have data showing the victim's username and password.
    - Let's say you sent this cloned link to many victim's and left SET run for a while, you will see a lot of username and password combinations.
  2. To Exit, press the <Ctrl> and "c" key at the same time.
Copy Report Link
- Instructions:
  1. Highlight the XML link and Right Click
  2. Click on Copy
  3. Press <Enter>
Exit Web Attack Menu
- Instructions:
  1. Type 99
  2. Press <Enter>
Exit Web Attack Menu
- Instructions:
  1. Type 99
  2. Press <Enter>
Exit Web Attack Menu
- Instructions:
  1. cat "reports/2014-02-08 05:10:21.784846.xml"
    - Note: In your case, this is the report created in Step 2 or this Section.
  2. Notice the Victim's Login Credentials
- Notes(FYI):
  1. Make sure you put quotes(") around your file name.

Section 7. Proof of Lab

Proof of Lab
- Instructions:
  1. Clone http://www.linkedin.com
    - (See Section 5)
    - For the Victim Login use the following address
      - first.last@victim.com
      - E.g., john.gray@victim.com
  2. cat the log you created for the cloned linkedin website.
    - (See Section 6, Step 5)
  3. date
  4. echo "Your Name"
    - e.g., echo "John Gray"
- Proof of Lab Instructions:
  1. Do a Print Screen using the <PrtScn> button.
  2. Paste into a word document.
  3. Upload to Moodle.

Monday, September 11, 2017