A25414N
Professional
- Messages
- 216
- Reaction score
- 19
- Points
- 18
Code:
Social-Engineer Toolkit
SET предоставляет собой функционал для проведения четырех основных векторов атаки:
Основные вектора атаки SET
* E-MAIL ATTACK VECTOR
* WEB ATTACK VECTOR
* CD/DVD/USB ATTACK VECTOR
* Teensy USB HID ATTACK VECTOR
При проведении атаки через е-mail используются эксплойты, реализующие уязвимости типа file format, такие как:
* Adobe Flash Player 'newfunction' Invalid Pointer Use
* Adobe Collab.collectEmailInfo Buffer Overflow
* Adobe Collab.getIcon Buffer Overflow
* Adobe JBIG2Decode Memory Corruption Exploit
* Adobe PDF Embedded EXE Social Engineering
* и другие
А при атаке через веб-вектор используются эксплойты, реализующие уязвимости в браузерах:
* LNK Code Execution (MS10-046)
* Help Center XSS and Command Execution (MS10-042)
* IE iepeers.dll Use After Free (MS10-018)
* IE Tabular Data Control Exploit (MS10-018)
* IE "Aurora" Memory Corruption (MS10-002)
* и другие
Ченжлог :
Added slim_set.py in config, will slim down the SET instance
Added a new config option in set_config to turn SET_Interactive shell to off which will mean you need to spare some room in SET.
Changing the structure of how menus look, so when you go to phishing, you know your in the phishing menu, when your in webattack you know you’re there
Added core function set_check to see if interactive shell is turned on or off
Added new core function to standardize menu output for option 99
Added a 99 backout menu to the infectious media menuСкачать
