The Social-Engineering Toolkit (SET) is a suite of python based tools which focuses on attacking the human element for penetration tests.
1 |
svn co http://svn.secmaniac.com/social_engineering_toolkit set |
There are some deps which needs to be installed.
1 |
sudo yum -y install subversion pexpect python-BeautifulSoup python-crypto pyOpenSSL python-pefile pymssql |
The setup.py
file doesn’t follow the standard way to install python packages. Don’t worry SET will run with the usage of setup.py.
1 2 3 4 5 6 7 8 9 10 11 12 13 |
$ sudo ./set [!] Metasploit path not found. These payloads will be disabled. [!] Please configure in the config/set_config. Press {return} to continue The Social-Engineer Toolkit (SET) - by David Kennedy (ReL1K) Not running as root. Exiting the Social-Engineer Toolkit (SET). Thank you for shopping at the Social-Engineer Toolkit. Hack the Gibson...and remember...hugs are worth more than handshakes. |
Well, that’s true. Let’s check that configuration entry.
1 2 |
cat config/set_config | grep METASPLOIT_PATH METASPLOIT_PATH=/opt/metasploit/msf3 |
Adjust the path to Metasploit according to your environment.
1 |
sudo sed -i 's|METASPLOIT_PATH=/opt/metasploit/msf3|METASPLOIT_PATH=/opt/metasploit4/msf|g' config/set_config |
In the official documentation are some more configuration details available.
- Ettercap
- Web server
- Certificates
I will skip that here. After the modification we should be able to launch SET:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
$ sudo ./set [---] The Social-Engineer Toolkit (SET) [---] [---] ................................. [---] [---] Homepage: http://www.secmaniac.com [---] Welcome to the Social-Engineer Toolkit (SET). Your one stop shop for all of your social-engineering needs.. Join us on irc.freenode.net in channel #setoolkit Help support the toolkit, rank it here: http://sectools.org/tool/socialengineeringtoolkit/#comments Select from the menu: 1) Social-Engineering Attacks 2) Fast-Track Penetration Testing 3) Third Party Modules 4) Update the Metasploit Framework 5) Update the Social-Engineer Toolkit 6) Help, Credits, and About 99) Exit the Social-Engineer Toolkit set> |