Saturday, September 1, 2012

The curious case of the failing web vector attack

I recently decided to try experiment with the social engineering toolkit on my penetration testing network. The attack I'm trying to execute is a java applet attack underneath the website attack vectors option. I am pretty sure that I have covered the basics and obvious by having java installed and making the appropriate changes to the set config file. I have even tried removing and reinstalling SET. As I have stated earlier in my blog all of the machines in my test network including BT5 are ran in virtual box. What follows is a brief overview of the options I selected in attempting the attack and a few screen shots to help convey where I think the error is at:

Attacker Machine: BT5R3
SET V3.7.1

 Victim Machine:
Windows XP sp2:
Browser: Firefox v14.0.1

I use the following options in SET to try to execute my attack:
1
2
1
2
(Fill all the fields with bob or w/e)
URL to clone: www.hulu.com
2
16
443
start sendmail: no
1
fill in victim email
fill in attacker email
flag message: no
Craft Email subject
opt for html message
craft email body
~~~~~
  Press <return> to continue
[-] ***
[-] * WARNING: Database support has been disabled
[-] ***

SET then launcher msfconsole and starts a handler waiting for the connection from the victim machine.

Other things I have tried: Using the templates instead of cloning a site, setting the listener to port 80 instead of 443, not using the email attack option along side this attack. Can't think of anything else I have tried at the moment in conjunction with the attack. Here are a few screen shots of my most recent attempt.