Skip to Main Content
February 18, 2015

The Social-Engineer Toolkit (SET) v6.2 released

Written by David Kennedy
Security Testing & Analysis Social Engineering
The latest release of SET v6.2 codename "Recharge" is now available This version has a number of features including a redesigned Java Applet for higher and more reliable exploitation. In addition, the powershell injection technique introduced in prior versions of SET has been slimmed down by 18 bytes which allows for more characters inside one attack. This means that the reverse_https/http payloads are now supported for PowerShell Injection. For the Java Applet, it will now smart detect if PowerShell is installed. If it is installed, it will use the powershell injection and never deploy a binary. If powershell is not installed, it will fall back on a binary. The binaries themselves do absolutely nothing until passed an encrypted string and decrypt shellcode directly into memory. These payloads have been completely rewritten and incorporate virtual machines within the executables as well as anti-debugger detection. If powershell exploitation works appropriately, a binary will never be sent to the system automatically now. In addition, large portions of SET was rewritten to move completely off msfpayload and msfencode which are now being removed inside of Metasploit. All payload generation is either done through dynamic patching of already generated shellcode or through msfvenom directly. In addition, a number of the attacks have been enhanced including the MSSQL bruter attack for more reliability and detection. Additional client-side exploits have been added through Metasploit as well as a number of other additions. ~~~~~~~~~~~~~~~~ version 6.2 ~~~~~~~~~~~~~~~~ * changed IP address for the payload listener to specify LHOST * included TDS as a standard impacket library * added port to MSSQL display when compromising system * moved create_payloads in payloadgen to be compliant with msfvenom creation and moved off msfpayload and msfencode * fixed multiple files still using msfpayload or msfvenom * fixed a bug that caused a tds exceptions error when using the SQL attack (missing tds library) * updated specific wording in setoolkit launcher * slimmed powershell injection code to reduce injection code by about 17 bytes * completely randomized the java applet to the point where it will randomize the name, no longer uses Signed_Update.jar - there were signatures floating around that were detecting it based on static names * randomized and obfuscated pyinjector code base and locked into its own virtual container and debugger protection * randomized and obfuscated multi pyinjector code base and locked into its own virtual container and debugger protection * added the java applet to now smart detect if powershell is installed, if it is then it will not download an executable which could be used on detection capabilities. Powershell is plenty stable and should not require any deviations for a binary to be downloaded. * added ability to check if certain paths are legitimate, if they are will deploy payloads via java applet * full msfvenom support and conversion off msfpayload msfencode * removed old call for impacket tds compatibility