Jump to content
Wubi

Update: Social Engineer Toolkit 3.6!

Recommended Posts

Posted

Guys! The Social Engineer Toolkit (SET) has been updated recently! We now have Social Engineer Toolkit version 3.6! We wrote about the Social Engineer’s Toolkit in our old post here. This release has a funny codename – “MMMMhhhhmmmmmmmmm.” This release incorporates the SCCM attack vectors demonstrated at Defcon. The automation piece is still under development and expected to be released soon. In addition, new exploits have been released as well as additional enhancements and bug fixes. Full change log can be found below.

tsupdate.png

“The Social Engineering Toolkit (SET) is an open source, python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing. It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. The Social Engineer Toolkit leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.”

Official Social Engineer Toolkit change log:

  • adds the new SCCM attack vector to the social-engineer toolkit – allows you to patch SCCM servers to deploy backdoors
  • updated the web gui interface to add updates to exploits
  • fixed a menu bug in the web interface that would repeater numbers
  • added the MSCOMCTL ActiveX Buffer Overflow (ms12-027) exploit to the web interface
  • added the shellcodeexec alphanumeric shellcode payload to the web interface
  • added Java Applet Field Bytecode Verifier Cache Remote Code Execution to the web interface
  • added MS12-037 Internet Explorer Same ID Property Deleted Object Handling Memory Corruption to the web interface
  • added Microsoft XML Core Services MSXML Uninitialized Memory Corruption to the web interface
  • added Adobe Flash Player Object Type Confusion to the web interface
  • fixed a menu bug that would not allow you to return to the previous menu in the java applet
  • fixed a bug that would cause the multi-attack Metasploit, java applet, and cred harvester to not work on the right ports and raise a exceptions
  • added background listener to credential harvester and multi-attack — allows credential harvester to continue to run even if Metapsloit has been exited
  • fixed a bug that would still flag any website as cloned successfully. The new code fixes that by checking to ensure the site was properly cloned.
  • fixed a cloning web bug that would error out then continue with payload selection
  • added a cleanup routine to the web cloner for post completion on the cloner, this fixes a repetitive issue when launching multiple attacks in the menu system

Download Social Engineer Toolkit 3.6:

svn co / - Revision 1467: /social_engineering_toolkit set/

Sursa: Social Engineer Toolkit version 3.6! — PenTestIT

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...