Menu-Driven Operation

From www.metasploit-es.com.ar

SET is a menu-driven attack system, which is unique among hacker tools. The decision not to make it a command-line program was made because of how social-engineering attacks occur: they require multiple scenarios, options, and customizations. If the tool were command-line based, it would really limit the effectiveness of the attacks and the ability to fully customize them based on the target. Let's move on to the menu and take a brief tour of each of the attack vectors.

  root@bt:/pentest/exploits/set# ./set
    [---]       The Social-Engineer Toolkit (SET)          [---]
    [---]        Written by David Kennedy (ReL1K)          [---]
    [---]                 Version: 1.2                     [---]
    [---]             Codename: 'Shakawkaw'            [---]
    [---]     Report bugs to: davek@social-engineer.org    [---]
    [---]        Java Applet Written by: Thomas Werth      [---]
    [---]        Homepage: http://www.secmaniac.com        [---]
    [---]     Framework: http://www.social-engineer.org    [---]
    [---]       Over 1.4 million downloads and counting.     [---]
  Welcome to the Social-Engineer Toolkit (SET). Your one
   stop shop for all of your social-engineering needs..
            Follow me on Twitter: dave_rel1k
    DerbyCon 2011 Sep30-Oct02 - A new era begins...
 irc.freenode.net - #DerbyCon - http://www.derbycon.com
  Select from the menu:
  1.  Spear-Phishing Attack Vectors
  2.  Website Attack Vectors
  3.  Infectious Media Generator
  4.  Create a Payload and Listener
  5.  Mass Mailer Attack
  6.  Teensy USB HID Attack Vector
  7.  SMS Spoofing Attack Vector
  8.  Third Party Modules
  9.  Update the Metasploit Framework
  10. Update the Social-Engineer Toolkit
  11. Help, Credits, and About
  12. Exit the Social-Engineer Toolkit
  Enter your choice: 1
  Welcome to the SET E-Mail attack method. This module allows you
  to specially craft email messages and send them to a large (or small)
  number of people with attached fileformat malicious payloads. If you
  want to spoof your email address, be sure "Sendmail" is installed (it
  is installed in BT) and change the config/set_config SENDMAIL=OFF flag
  to SENDMAIL=ON.
  There are two options, one is getting your feet wet and letting SET do
  everything for you (option 1), the second is to create your own FileFormat
  payload and use it in your own attack. Either way, good luck and enjoy!
  1. Perform a Mass Email Attack
  2. Create a FileFormat Payload
  3. Create a Social-Engineering Template
  4. Return to Main Menu
  Enter your choice:


The spear-phishing attack menu is used to perform targeted email attacks against a victim. You can send multiple emails based on what you have harvested, or you can send them individually. You can also use a file format (for example, a PDF bug) and send the malicious attack to the victim in order to compromise the system.

  Select from the menu:
  1.  Spear-Phishing Attack Vectors
  2.  Website Attack Vectors
  3.  Infectious Media Generator
  4.  Create a Payload and Listener
  5.  Mass Mailer Attack
  6.  Teensy USB HID Attack Vector
  7   Update the Metasploit Framework
  8.  Update the Social-Engineer Toolkit
  9.  Help, Credits, and About
  10. Exit the Social-Engineer Toolkit
  Enter your choice: 2
  The Social-Engineer Toolkit "Web Attack" vector is a unique way of
  utilizing multiple web-based attacks in order to compromise the
  intended victim.
  Enter what type of attack you would like to utilize.
  The Java Applet attack will spoof a Java Certificate and
  deliver a metasploit based payload. Uses a customized
  java applet created by Thomas Werth to deliver
  the payload.
  The Metasploit browser exploit method will utilize select
  Metasploit browser exploits through an iframe and deliver
  a Metasploit payload.
  The Credential Harvester Method will utilize web cloning
  of a website that has a username and password field and
  harvest all the information posted to the website.
  The TabNabbing Method will wait for a user to move to a
  different tab, then refresh the page to something different.
  The Man Left in the Middle Attack Method was introduced by
  Kos and utilizes HTTP REFERER's in order to intercept fields
  and harvest data from them. You need to have an already vulnerable
  site and incorporate script src="http://YOURIP/". This could either
  be from a compromised site or through XSS.
  The web jacking attack method was introduced by white_sheep, Emgent
  and the Back|Track team. This method utilizes iframe replacements to
  make the highlighted URL link to appear legitimate however when clicked
  a window pops up then is replaced with the malicious link. You can edit
  the link replacement settings in the set_config if its to slow/fast.
  The multi-attack will add a combination of attacks through the web attack
  menu. For example you can utilize the Java Applet, Metasploit Browser,
  Credential Harvester/Tabnabbing, and the Man Left in the Middle attack
  all at once to see which is successful.
  1. The Java Applet Attack Method
  2. The Metasploit Browser Exploit Method
  3. Credential Harvester Attack Method
  4. Tabnabbing Attack Method
  5. Man Left in the Middle Attack Method
  6. Web Jacking Attack Method
  7. Multi-Attack Web Method
  8. Return to the previous menu
  Enter your choice (press enter for default):

The web attack vector is used to perform phishing attacks against the victim in the hope that they click the link. There is a wide variety of attacks that can occur once they have clicked. We will walk through each of those attacks later on.

"3. Infectious Media Generator"

The infectious USB/DVD creator will develop a Metasploit payload for you and create an autorun.inf file that, once burned to a DVD or placed on a USB device, will trigger an autorun feature and compromise the system. This attack vector is relatively simple in nature and relies on physically connecting devices to the target system.

"4. Create a Payload and Listener"

This is an extremely simple wrapper around Metasploit that creates a payload, exports the exe for you, and generates a listener. You would need to transfer the exe to the victim machine and execute it for it to work properly.

"5. Mass Mailer Attack"

The mass mailer attack will allow you to send multiple emails to victims and customize the messages. This option does not allow you to create payloads, so it is generally used to perform mass phishing attacks.

  Select from the menu:
  1.  Spear-Phishing Attack Vectors
  2.  Website Attack Vectors
  3.  Infectious Media Generator
  4.  Create a Payload and Listener
  5.  Mass Mailer Attack
  6.  Teensy USB HID Attack Vector
  7.  SMS Spoofing Attack Vector
  8.  Third Party Modules
  9.  Update the Metasploit Framework
  10. Update the Social-Engineer Toolkit
  11. Help, Credits, and About
  12. Exit the Social-Engineer Toolkit
  Enter your choice: 6
  Welcome to the Teensy HID Attack Vector.
  Special thanks to: IronGeek and WinFang
  The Teensy HID Attack Vector utilizes the teensy USB device to
  program the device to act as a keyboard. Teensy's have onboard
  storage and can allow for remote code execution on the physical
  system. Since the devices are registered as USB Keyboard's it
  will bypass any autorun disabled or endpoint protection on the
  system.
  You will need to purchase the Teensy USB device, it's roughly
  $22 dollars. This attack vector will auto generate the code
  needed in order to deploy the payload on the system for you.
  This attack vector will create the .pde files necessary to import
  into Arduino (the IDE used for programming the Teensy). The attack
  vectors range from Powershell based downloaders, wscript attacks,
  and other methods.
  For more information on specifications and good tutorials visit:
  http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle
  To purchase a Teensy, visit: http://www.pjrc.com/store/teensy.html
  Select a payload to create the pde file to import into Arduino:
  1. Powershell HTTP GET MSF Payload
  2. WSCRIPT HTTP GET MSF Payload
  3. Powershell based Reverse Shell
  4. Return to the main menu.
  Enter your choice:


The Teensy USB HID attack is a method that involves purchasing a hardware device from pjrc.com and programming it so that the small USB microcontroller looks and behaves exactly like a keyboard. The important part is that it bypasses autorun capabilities and can drop payloads onto the system through the board's flash memory. The keyboard simulation allows you to type characters in a way that can use downloaders and exploit the system.
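Because the device enumerates as an ordinary keyboard, disabling autorun does not help, and detection has to look at HID enumeration itself. The following is an added example, not part of the original page or of SET: it scans Linux kernel log lines for USB keyboards that are off an allowlist or that appear as an extra keyboard. The log lines, vendor/product IDs and allowlist are constructed.

```python
import re

# Line the Linux kernel logs when a USB (bus 0003) HID keyboard interface binds.
HID_KEYBOARD = re.compile(
    r"\b0003:(?P<vid>[0-9A-Fa-f]{4}):(?P<pid>[0-9A-Fa-f]{4})\.[0-9A-Fa-f]{4}: "
    r".*?USB HID v[\d.]+ Keyboard \[(?P<name>[^\]]*)\] on (?P<port>\S+)"
)

def unexpected_keyboards(log_lines, allowlist):
    """Flag keyboards that are off the allowlist or arrive as an extra keyboard.

    VID:PID values are chosen by the device firmware, so the allowlist alone
    is weak; the "additional keyboard" reason still fires for a cloned ID.
    """
    alerts, ports = [], set()
    for line in log_lines:
        m = HID_KEYBOARD.search(line)
        if not m:
            continue
        ident = (m["vid"].lower(), m["pid"].lower())
        port = m["port"].rsplit("/", 1)[0]  # drop the per-interface suffix
        reasons = []
        if ident not in allowlist:
            reasons.append("vid:pid not on allowlist")
        if ports and port not in ports:
            reasons.append("additional keyboard attached")
        ports.add(port)
        if reasons:
            alerts.append({"id": "%s:%s" % ident, "name": m["name"],
                           "port": port, "reasons": reasons})
    return alerts

# Constructed log lines and IDs (hypothetical, not real vendor assignments).
SAMPLE_LOG = [
    "[    2.104] hid-generic 0003:AAAA:0001.0001: input,hidraw0: "
    "USB HID v1.10 Keyboard [Office Keyboard] on usb-0000:00:14.0-2/input0",
    "[    2.310] hid-generic 0003:AAAA:0002.0002: input,hidraw1: "
    "USB HID v1.11 Mouse [Office Mouse] on usb-0000:00:14.0-3/input0",
    "[ 8431.772] hid-generic 0003:BBBB:0009.0003: input,hidraw2: "
    "USB HID v1.11 Keyboard [Generic USB Device] on usb-0000:00:14.0-1/input0",
]
ALLOWLIST = {("aaaa", "0001")}

if __name__ == "__main__":
    for alert in unexpected_keyboards(SAMPLE_LOG, ALLOWLIST):
        print(alert)
```
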

  7   Update the Metasploit Framework
  8.  Update the Social-Engineer Toolkit
  9.  Help, Credits, and About
  10. Exit the Social-Engineer Toolkit


The preceding menus will perform updates on Metasploit and the Social-Engineer Toolkit, provide help and credits, and lastly exit the Social-Engineer Toolkit (why would you want to do that?!).



© Offensive Security 2009

Original from www.offensive-security.com
Translated by cbk999