E-mail attack vector [SET]

✨ deeznutz

✨ Master ✨
Staff member
May 15, 2017
We begin our journey with an email attack vector. To do this, select the "Spear-Phishing Attack Vectors" item in the main menu. Nowadays it is difficult to imagine a person without e-mail, and even more difficult to imagine one without the temptation to get something for free. And when a freebie arrives in your inbox by itself, that is not life but a fairy tale. First you need to decide on the number of targets, because SET provides two modes of distribution:
  • Individual mailing
  • Mass mailing
Mass mailing requires a prepared file with the list of target addresses. The format of this file is very simple, one address per line, and it is located at /pentest/exploits/SET/config/mailing_list.txt. Since everything else is like writing a regular email, you need to fill in the subject and the content. To avoid repeating the same input every time, you can make a template and reuse it later if necessary. As for sending the email, there are three options:
  • Gmail account
  • Own sendmail open-relay
  • Someone's open-relay server
As you can see, there are options for every taste: you can send the email through your Gmail account without leaving SET; use the Sendmail server, which SET picks up automatically on BackTrack and sends through; or find an open relay on the Internet in advance. To determine whether an SMTP server is an open relay, you can use the ready-made Nmap NSE script:
nmap --script smtp-open-relay.nse <host>
Thanks to an open relay, you can send emails from other people's addresses, but you should not forget that the victim can use the "reverse lookups" mechanism, which can check whether the sender's domain name actually corresponds.
The payload (Meterpreter Reverse_TCP, Reverse VNC, Reverse TCP Shell), together with the exploit, is selected transparently from Metasploit and goes inside a PDF file attached to the email, which can be either a SET preset or any PDF attachment of your own. It remains to bring up the listener and wait until the human factor plays a cruel joke.
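The "reverse lookups" check mentioned above is something a receiving mail system can run on every message. The following is an added example (not part of the original post and not SET code): a Python triage function that compares the From domain with the reverse-DNS name the receiving MTA recorded in the topmost Received header, and lists PDF attachments. The Postfix-style header layout, the two-label domain comparison, and every name and address in the sample are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Postfix-style trace line (assumed): "from <helo> (<ptr-name> [<ip>]) by <our-mx> ..."
RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9a-fA-F.:]+)\]\)")

def org_domain(host):
    # Crude registrable domain: last two labels (assumption, no public-suffix list).
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Only the topmost Received header was written by our own MTA; the ones
    # below it are supplied by the sending side and can be forged.
    received = " ".join((msg.get_all("Received") or [""])[0].split())
    m = RECEIVED_RE.search(received)
    if not m:
        findings.append("no-parsable-received")
    elif m.group(2) == "unknown":  # MTA found no PTR record for the client IP
        findings.append(f"no-reverse-dns:{m.group(3)}")
    elif org_domain(m.group(2)) != org_domain(from_domain):
        findings.append(f"sender-domain-mismatch:{from_domain}!={m.group(2)}")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if part.get_content_type() == "application/pdf" or name.endswith(".pdf"):
            findings.append(f"pdf-attachment:{name or 'unnamed'}")
    return findings

# Constructed sample message: documentation IP range and reserved example domains.
SAMPLE = """\
Received: from mail.bank.example (relay7.hosting.test [203.0.113.7])
\tby mx.corp.example with ESMTP; Mon, 15 May 2017 10:00:00 +0000
From: "Support" <support@bank.example>
Subject: Statement
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/pdf; name="statement.pdf"

(constructed placeholder body, not a real PDF)
--b1--
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A domain mismatch alone is a weak signal, since legitimate bulk senders also relay through third-party hosts; it is most useful combined with the attachment finding and with SPF/DKIM results.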