Showing posts with label Metasploit. Show all posts

The Social-Engineer Toolkit (SET) v4.7 released

SET update
The Social-Engineer Toolkit (SET) version 4.7, codename “Headshot”, has been released. This version of SET introduces multi-PowerShell injection, which lets you specify as many ports as you want; SET will automatically inject PowerShell onto the system on all of the outbound reverse ports. What is nice about this technique is that it never touches disk and uses processes that are already whitelisted, so it should not trigger anti-virus or whitelisting/blacklisting tools. In addition to the multi-PowerShell injector, there are a total of 30 new features and a large rewrite of how SET passes information between modules.



Change log for version 4.7
  • removed a prompt that would come up when using the powershell injection technique, port.options is now written in prep.py versus a second prompt with information that was already provided
  • began an extremely large project of centralizing the SET config file by moving all of the options to the set.options file under src/program_junk
  • moved all port.options to the central routine file set.options
  • moved all ipaddr.file to the central routine file set.options
  • changed spacing on when launching the SET web server
  • changed the wording to reflect what operating systems this was tested on versus browsers
  • removed an unneeded print option1 within smtp_web that was reflecting a message back to user
  • added the updated java bean jmx exploit that was updated in Metasploit
  • added ability to specify a username list for the SQL brute forcing, can either specify sa, other usernames, or a filename with usernames in it
  • added new feature called multi-powershell-injection – configurable in the set config options, allows you to use powershell to do multiple injection points and ports. Useful in egress situations where you don’t know which port will be allowed outbound.
  • enabled multi-pyinjection through java applet attack vector, it is configured through set config
  • removed check for static powershell commands, will load regardless – if not installed user will not know regardless – better if path variables aren’t the same
  • fixed a bug that would cause linux and osx payloads to be selected even when disabled
  • fixed a bug that would cause the meta_config file to be empty if selecting powershell injection
  • added automatic check for Kali Linux to detect the default moved Metasploit path
  • removed a trailing comma from the new multi injector which was causing it to error out
  • added new core routine check_ports(filename, ports) which will do a compare to see if a file already contains a metasploit LPORT (removes duplicates)
  • added new check to remove duplicates into multi powershell injection
  • made the new powershell injection technique compliant with the multi pyinjector – both payloads work together now
  • added encrypted and obfuscated jar files to SET, will automatically push new repos to git everyday.
  • rewrote the java jar file to handle multiple powershell alphanumeric shellcode points injected into applet.
  • added signed and unsigned jar files to the java applet attack vector
  • removed create_payload.py from saving files in src/html and instead in the proper folders src/program_junk
  • fixed a payload duplication issue in create_payload.py, will now check to see if port is there
  • removed a pefile check unless backdoored executable is in use
  • turned digital signature stealing from a pefile to off in the set_config file
  • converted all src/html/msf.exe to src/program_junk/ and fixed an issue where the applet would not load properly

It can also be downloaded through github using the following command: 
git clone https://github.com/trustedsec/social-engineer-toolkit/ set/


Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .
Subscribe Top Hacker Stories via email

BackBox Linux version 3.0 released

BackBox is a Linux distribution based on Ubuntu Desktop, and designed for performing penetration testing, incident response, computer forensics, and intelligence gathering. It uses the Xfce desktop environment, and is developed by Raffaele Forte and a small but dedicated team.
This release includes features such as the new Linux kernel 3.2 flavor and Xfce 4.8. Apart from the major system upgrade, all auditing tools are up to date as well.

What's new
  • System upgrade
  • Bug corrections
  • Performance boost
  • Improved start menu
  • Improved Wi-Fi drivers (compat-wireless aircrack patched)
  • New and updated hacking tools
System requirements
  • 32-bit or 64-bit processor
  • 512 MB of system memory (RAM)
  • 4.4 GB of disk space for installation
  • Graphics card capable of 800×600 resolution
  • DVD-ROM drive or USB port



Social-Engineer Toolkit (SET) 4.1.3 Released

TrustedSec has released the latest version of the Social-Engineer Toolkit (SET), 4.1.3. As most of us know, it is an open source, Python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing.
It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. The Social Engineer Toolkit leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.

Change version 4.1.3:
* Added multiple checks when importing file, no longer exits the entire application

Download Social Engineer Toolkit 4.1.3:
svn co http://svn.trustedsec.com/social_engineering_toolkit set/



Social Engineer Toolkit 4.0 Released

The Social Engineer Toolkit (SET) has been updated to v4.0. The latest version is codenamed “Balls of Steel.” SET is an open source, Python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing.

It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. The Social Engineer Toolkit leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.

In the new version the Java Applet attack has been completely rewritten and obfuscated, with added evasion techniques. Additionally, all of the payloads have been heavily encrypted with a number of heavy anti-debugging tools.

The powershell attack vectors now support customized payload selection through the config/set_config. A new attack vector has been added called the Dell DRAC Attack Vector (default credential finder).

Download Social Engineer Toolkit 4.0:
svn co http://svn.trustedsec.com/social_engineering_toolkit set/



Backtrack 5 R3 Released

The latest version of Backtrack is out! Check out Backtrack 5 R3!

The time has come to refresh our security tool arsenal – BackTrack 5 R3 has been released. R3 focuses on bug-fixes as well as the addition of over 60 new tools – several of which were released in BlackHat and Defcon 2012. A whole new tool category was populated – “Physical Exploitation”, which now includes tools such as the Arduino IDE and libraries, as well as the Kautilya Teensy payload collection.

The BackTrack team has released a single VMware image (GNOME, 32-bit), for those requiring other VM flavors of BackTrack.


Download BackTrack 5 R3 release via torrent
BT5R3-GNOME-64.torrent (md5: 8cd98b693ce542b671edecaed48ab06d)
BT5R3-GNOME-32.torrent (md5: aafff8ff5b71fdb6fccdded49a6541a0)
BT5R3-KDE-64.torrent (md5: 981b897b7fdf34fb1431ba84fe93249f)
BT5R3-KDE-32.torrent (md5: d324687fb891e695089745d461268576)
BT5R3-GNOME-32-VM.torrent (md5: bca6d3862c661b615a374d7ef61252c5)



The Samurai Web Testing Framework v 2.0RC5

The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such as WebScarab and ratproxy. We then chose tools for discovery; these include w3af and Burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.



The Social-Engineer Toolkit (SET) v3.5.1 released

The Social-Engineer Toolkit (SET) v3.5.1 has been released. This version adds the ability to use the SET config to not deploy binaries to the victim machine through the Java Applet. The new configuration option can be found under config/set_config as DEPLOY_BINARIES.

The Social Engineering Toolkit (SET) is an open source, python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing. It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. The Social Engineer Toolkit leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.

By turning this off, SET will rely solely on the POWERSHELL_INJECTION technique for compromising the victim machine. This means that you have the ability to never touch disk period during the Java Applet attack.

Full changelog below:
  • Fixed a bug in command center that would cause it to not load properly.
  • Fixed a bug in the new Java Applet Field Bytecode that would cause it to not properly select the payload
  • Added compatibility for IE10 on the Java Applet Attack Vector
  • Turned AUTO_MIGRATE=OFF to AUTO_MIGRATE=ON by default, allows sticky processes to free up when exploitation occurs
  • Added a new config option DEPLOY_BINARIES. When this is turned OFF, the Java Applet will only use the POWERSHELL_INJECTION technique and never deploy a binary. Note that you must know if the victim has POWERSHELL installed.
  • Fixed a couple typos in the credential harvester.
In addition, AUTO_MIGRATE=ON has been turned on by default and will automatically migrate to a different thread/process. In IE10, IE would freeze periodically causing issues. Even though JVM is running in a separate thread pool, it would still cause freezing intermittently. The SET Command Center (web interface) had a bug fix to allow it to work properly.

Download Social Engineer Toolkit 3.5.1
svn co http://svn.trustedsec.com/social_engineering_toolkit set/



Metasploit Framework 4.4 Released

The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.

The Metasploit Framework 4.4 has had 101 modules added since Metasploit 4.3: 68 exploits, 22 auxiliary modules, 9 post modules, 1 payload, and 1 encoder. 

Official change log:
Metasploit Risk Validation for Nexpose Vulnerability Management: By integrating Metasploit Pro with Nexpose for risk validation, you can now prioritize the critical vulnerabilities that pose a real risk, fixing them before it’s too late. Now you can focus your efforts on what matters. Specifically, Metasploit Framework now tightly integrates with Nexpose by:
  • Importing rich vulnerability data from Nexpose scans, sites, and XML
  • Automatically validating the exploitability of many high-risk vulnerabilities
  • Providing a simplified process to spot-check individual vulnerabilities
  • Pushing granular exploit results back to Nexpose via Vulnerability Exceptions
  • Pushing device classifications back to Nexpose Asset Groups via Metasploit Tags
  • Enhancing Metasploit reports with detailed Nexpose scan data
Security professionals benefit from the integration in the following ways:
  • Quickly identify high-risk vulnerabilities not protected by compensating controls
  • Measure the effectiveness of defensive solutions designed to mitigate vulnerabilities
  • Increase credibility and reduce friction between IT operations and security teams



U3-Pwn : Sandisk Executable Injection Tool

U3-Pwn is a tool designed to automate injecting executables into SanDisk smart USB devices that ship with the default U3 software install. This is achieved by removing the original ISO file from the device and creating a new ISO with autorun features.

Requirements to Run U3-Pwn
  1. Metasploit
  2. U3-Tool
  3. Python-2.6



Metasploitable 2 Released - Vulnerable machine for Penetration testing Practice

The Metasploitable virtual machine is an intentionally vulnerable version of Ubuntu Linux designed for testing security tools and demonstrating common vulnerabilities. Version 2 of this virtual machine is available for download from Sourceforge.net and ships with even more vulnerabilities than the original image.

This virtual machine is compatible with VMWare, VirtualBox, and other common virtualization platforms. By default, Metasploitable's network interfaces are bound to the NAT and Host-only network adapters, and the image should never be exposed to a hostile network.

A beginner's guide covers where to download Metasploitable and how to get it up and running as a practice target machine: Get Setup Guide



Metasploit payload Debian (.deb) package trojan Generator Script

This bash script, developed by Aaron Hine, generates a Debian (.deb) package trojan carrying a Metasploit payload. The payload sends a request back to the BackTrack server running a Metasploit listener. The original post includes a video demonstrating the script.


Another script, developed by Travis Phillips, creates msfpayload and msfencode Metasploit payload trojans. It was written to simplify using msfpayload and msfencode to create a Windows-based trojan and set up the listener.

The script will do the following:
  • Determine your IP address automatically for the LHOST of the payload.
  • Ask if you want a shell or meterpreter
  • Ask if you want it reverse connection or Bind port TCP
  • Request the Port number.
  • At that point it will create two files:
  • trojan.exe - your virus payload
  • msf_Trojan_Listener - a file with a one liner to create the metasploit listener that works with your payload.
  • Next it will start msfcli to create a listener.



CVE-2012-2122 : Mysql Authentication Bypass Exploit

A serious security bug in MariaDB and MySQL has been disclosed. According to the advisory, all MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5 and 5.5.22 are vulnerable. The issue has been assigned CVE-2012-2122. You can read more details here.

The mysql_hashdump module from Metasploit uses a known username and password to access the master user table of a MySQL server and dump it into a locally stored "loot" file. The hashes can be cracked easily with a tool like John the Ripper, providing clear-text passwords that may give further access.

Jonathan Cran (CTO of Pwnie Express and Metasploit contributor) committed a threaded brute-force module that abuses the authentication bypass flaw to automatically dump the password database. This ensures that even if the authentication bypass vulnerability is fixed, you should still be able to access the database using the cracked password hashes. A quick demonstration of this module is shown below using the latest Metasploit Framework GIT/SVN snapshot.


Dave (ReL1K) Kennedy also released, on his blog, a simple Python script to gain root access to MySQL:

#!/usr/bin/python
import subprocess
# Keep re-running the mysql client; each run is a fresh login attempt.
while 1:
    subprocess.Popen("mysql -u root mysql --password=blah", shell=True).wait()



SMB checker and Remote Code Execution Vulnerability Exploiter Script

The vulnerability MS08-067 is a flaw in the Windows Server Service: when a specially crafted RPC request is sent, it could allow remote code execution. The vulnerability affected Windows 2000, XP, Server 2003, Vista and Server 2008, and has been assigned CVE-2008-4250.

A Python script developed by Ahmed Shawky (aka lnxg33k) automatically scans for the SMB port and exploits the MS08-067 flaw using Metasploit; the script exploits the target for you. The code can be downloaded from the link in the original post.



WebSploit Toolkit v 1.8 - Latest Release

WebSploit is an open source project used to scan and analyse a remote system in order to find various types of vulnerabilities. The tool is very powerful and supports multiple vulnerability classes.

Description :
[+] Autopwn - uses Metasploit's autopwn to scan and exploit target services
[+] wmap - scans and crawls the target using the Metasploit wmap plugin
[+] format infector - injects a reverse or bind payload into a file format
[+] phpmyadmin - searches for the target's phpMyAdmin login page
[+] lfi - scans for local file inclusion vulnerabilities and can bypass some WAFs
[+] apache users - searches for user home directories on the server (if it runs the Apache web server)
[+] Dir Bruter - brute-forces target directories with a wordlist
[+] admin finder - searches for the admin and login pages of the target
[+] MLITM Attack - Man Left In The Middle, XSS phishing attacks
[+] MITM - Man In The Middle attack
[+] Java Applet Attack - Java signed applet attack
[+] MFOD Attack Vector - Middle Finger Of Doom attack vector
[+] USB Infection Attack - creates an executable backdoor to infect USB drives on Windows
[+] ARP DOS - ARP cache denial of service attack with random MACs



WebSploit v1.7 - Scan and Analyse Remote Systems for Vulnerabilities


WebSploit is an open source project for scanning and analysing remote systems for vulnerabilities.
  • Autopwn - uses Metasploit's autopwn to scan and exploit target services
  • wmap - scans and crawls the target using the Metasploit wmap plugin
  • format infector - injects a reverse or bind payload into a file format
  • phpmyadmin - searches for the target's phpMyAdmin login page
  • lfi - scans for local file inclusion vulnerabilities and can bypass some WAFs
  • apache users - searches for user home directories on the server (if it runs the Apache web server)
  • Dir Bruter - brute-forces target directories with a wordlist
  • admin finder - searches for the admin and login pages of the target
  • MLITM Attack - Man Left In The Middle, XSS phishing attacks
  • MITM - Man In The Middle attack
  • Java Applet Attack - Java signed applet attack
  • MFOD Attack Vector - Middle Finger Of Doom attack vector
  • USB Infection Attack - creates an executable backdoor to infect USB drives on Windows



Social Engineer Toolkit 3.3 Released

The Social Engineering Toolkit (SET) is an open source, Python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing. It was designed in order to arm penetration testers and security researchers with the ability to effectively test heavily advanced social-engineering attacks armed with logical methods. SET leverages multiple attack vectors that take advantage of the human element of security in an effort to target attackers.

Official change log for Social Engineer Toolkit:
  • Added new menu powershell attack vectors, will be used for powershell based attacks
  • Added new payload powerdump to the powershell attack vectors
  • Added new payload bind shell to the powershell attack vectors
  • Added new payload powershell shellcode injection to the powershell attack vectors
  • New core routine added for powershell_convert (powershell_command) which will do all the proper unicode + base64 encoding needed for powershell -EncodedCommand bypass
  • New core routine added powershell_generate_payload(payload,ipaddr,port,powershell_command). This will create the necessary alphanumeric shellcode needed through metasploit in order to successfully create the powershell injection attack
  • Added ms12-027 to the spear phishing attack vectors – MSCOMCTL ActiveX Buffer Overflow (from Metasploit)
  • Added new payload reverse shell to powershell attack vectors
  • Fixed a bug in Metasploit browser exploits where the numbers were off and would not properly parse the exploit (thanks for the report Dale Pearson)
  • Added a pause when using the Apache menu so it doesn’t automatically exit
  • Added a pause when something is on port 80 for credential harvester to display the error message
  • Added a new phishing template provided by chap0, thanks for the contribution!
  • Fixed a wording issue within Fast-Track exploit selection, it was asking for a nmap range, it should read which exploit do you want
  • Added the Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection exploit by muts into Fast-Track
  • Added the RDP use after free DoS into Social Engineer Toolkit in the Fast-Track custom exploits section
  • Added new subroutine for powershell conversion
  • Added automatic convert for powershell alphanumeric shellcode to automatically encode the commands
  • Added the menu system for the new powershell menu
  • Added ability to leverage msf payloads in the alphanumeric shellcode
  • Added metasploit listener option for the powershell attack
  • Added a new native python socket listener for a standard reverse shell routine in setcore socket_listener(port)
  • Added powershell bind shell into the new powershell interpreter attack vector
  • Added new core routine for powershell alphanumeric injection and conversion with msfvenom
  • Added functionality through powershell.py to dynamically generate payloads and inject through powershell
  • Removed large portion of prep.py and centralized through setcore routines
  • Added powershell powerdump to the attack vectors for powershell attacks
  • Fixed a bug that would prompt twice for an IP address in the new powershell attack

