WHAT IS SOCIAL ENGINEERING TOOLKIT ?
- Social engineering toolkit(SET) is an exploitation framework for social engineering attacks like phishing, web attacks, hack windows machines etc.
- Launch SET. In kali linux it can be found inApplications>Kali linux>Exploitation Tools>Social Engineering Toolkit>setoolkit.
- The following screen will be opened.
- Select option 1-Social Engineering Toolkit.
- Select option 4-Create Payload and listener.
- Enter attacker's IP address here. To check your ip address, type ifconfig in new terminal and you will find it.
- Select option 2-Windows Reverse_TCP Meterpreter.
- Select option 4-Backdoored Executable.
- Enter port of the listener 443. It will create a backdoored Executable file named payload.exe in SET's home directory(PATH: /usr/share/set/payload.exe).
- Now type yes to start msfconsole.
- Once msfconsole has been started transfer that payload.exe on victim's machine and run it on that machine.
- Meterpreter session will be opened.
- Migrate current process to another process to make sure your meterpreter session will remain open. To do this you must have process id of process to which you are migrating. use ps command to know all process currently running on victim's machine and its process id.
- Here i am migrating to explorer.exe
- help command gives you information about the commands that can be executed on victim's machine.
you can shutdown victim's machine.
- You can do anything with victim's machine. You can shudown, reboot victim's machine. You can steal files from that machine and upload files to that machine.
- You can drop into system's shell. With that you can create a file on that machine, open a file, kill processes currently running on that machine and manymore.
Comments