Skip to Main Content
January 17, 2011

The Social-Engineer Toolkit v1.2 Coming Soon

Written by David Kennedy
Security Testing & Analysis Social Engineering
I've been working hard on the latest release of the Social-Engineer Toolkit (SET) v1.2 which should be released within the next few weeks (ShmooCon?! hopefully?!). For the masses this update won't mean a huge difference however for those that want to contribute new modules to SET, this should make the world of difference. First things first, there has been a few bugs, and exploits added into the Metasploit client-side attack and file-format attack vectors (from the Metasploit repository). The biggest change is the ability to add third party modules and have them automatically get detected. The new menu looks like this: Select from the menu: 1. Spear-Phishing Attack Vectors 2. Website Attack Vectors 3. Infectious Media Generator 4. Create a Payload and Listener 5. Mass Mailer Attack 6. Teensy USB HID Attack Vector 7. SMS Spoofing Attack Vector 8. Third Party Modules 9. Update the Metasploit Framework 10. Update the Social-Engineer Toolkit 11. Help, Credits, and About 12. Exit the Social-Engineer Toolkit Enter your choice: If you notice choice 8 which is third party modules, the premise of this is if you place any .py (python extension) into the modules folder it will automatically detect as long as its in a particular format. This is an example module testing.py which is in the new modules/ folder: # # These are required fields # import sys # switch over to import core sys.path.append("src/core") # import the core modules try: import core except: reload(core)MAIN="This is a test module" AUTHOR="Dave" # def main(): header is required def main():      core.site_cloner("https://gmail.com")      core.start_web_server("reports/clonedsite/")      pause=raw_input("This module has finished completing. Press to continue") When I go to run this: Enter your choice: 8Welcome to the Social-Engineer Toolkit Third Party Modules menu. Please read the readme/modules.txt for more information on how to create your own modules. 1. This is a test module [fusion_builder_container hundred_percent="yes" overflow="visible"][fusion_builder_row][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"][*] Author: Dave [*] 2. Return to the previous menu. Enter the module you want to use: 1 [*] Cloning the website: https://gmail.com [*] This could take a little bit... Site has been successfully cloned and is under reports/clonedsite SET is now serving HTTP on port 80 Overall thus far I've added 14 core system calls which will continue to be expanded as the tool grows and each version. Ultimately you can add and submit your own modules now through SET. There will be some more news as it develops but wanted to give everyone a heads up of what to expect in v1.2[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]