February 27, 2012
The Social-Engineer Toolkit 3.1 Codename "User Awareness" has been released!
Written by
David Kennedy
Security Testing & Analysis
Social Engineering
You heard it right. SET 3.1 has been released. I decided to go crazy on another development binge. This release has a number of bug fixes and re-introduces the set-web GUI. This release also has some major performance boosts and some new options. SET is under a bit of a rehaul when it comes to the centralization of information and how it reports between each other. This version kicks that off with much more to come.
Full changelog below:
~~~~~~~~~~~~~~~~
version 3.1
~~~~~~~~~~~~~~~~
* added better error handling within harvester.py - should fix a transmission error bug when users close the browser half way through
* licensing has been changed to reflect 2012 and the new hug licensing agreement :) will prompt now the next time you launch set
* fixed a bug if you were using self signed java applets, it would throw an error that signapplet was already used - added randomized string values to it
* did some code cleanup on harvester and removed old code
* changed self_sign.py to import from setcore libraries
* fixed a bug that when importing own custom executable into SET would throw an exception due to shutil.copyfile not properly defining file name
* added a break within the custom import exe to trigger a while 1 loop to not terminate web server thread - control-c exits when finished with java applet attack
* rehauled the set-web interface and is now back to being supported and included into the main libraries
* fixed a spacing issue when selecting the spear phishing menu between the last two exploits
* added Adobe U3 exploit to the phishing site for set-web
* added the Rhino Java Exploit to the webattack site for set-web
* rehauled most modules to change from src.core import setcore to from src.core.setcore import *
* fixed a bug that if you were using web templates and select SE Toolkit payload it would error out
* fixed a bug that caused the listener.py to not be found when using web templates
* added a new check routine for set.options which will be the central store for all set related options versus different files
* added the new check routine into spawn.py to check for custom executables, will start converting everything in next release