Hi,
I'm trying to test some Spear Phishing attacks and here is what the steps Im using. Version of SET 5.3.5
1. Spear Phishing Attack Vectors
2. Performs a Mass Email Attack
3.SET Custom Written DLL Hijacking Attack Vector (RAR, ZIP)
4. I enter the IP address of the payload as requested
5. Windows Reverse_TCP Meterpreter
6. Backdoored Executable
7. I entered the tcp PORT of the listener
-] Backdooring a legit executable to bypass Anti-Virus. Wait a few seconds...[*] Backdoor completed successfully. Payload is now hidden within a legit executable.
The DLL Hijacker vulnerability will allow normal file extenstions to
call local (or remote) .dll files that can then call your payload or
executable. In this scenario it will compact the attack in a zip file
and when the user opens the file extension, will trigger the dll then
ultimately our payload. During the time of this release, all of these
file extensions were tested and appear to work and are not patched. This
will continiously be updated as time goes on.
Enter the choice of the file extension you want to attack:
8. Windows Address Book (UNIVERSAL)
9 File name entered
THe next step is where the issues happens. If I choose Zip or RAR I get the following crash and error:
[!] Something went wrong, printing the error: not all arguments converted during string formatting
Ive tied these steps on different distros with the same error produced with these steps.
Any ideas?
Yes, Ive updated SET.
Thanks in advance.
sist3m
