The New Social Engineering Toolkit vs Windows 7 (and 8!)

Cyber genius David Kennedy (aka The Mad Hugger :) ) and his rockstar team have done it again. Just when you thought your Anti-Virus was safe, the TrustedSec team has shown once again that pinning all your corporate security hope on AV protection alone is not a good strategy.

A ton of new features have been added (check out their video above) and some of the older features have been re-written and revamped. Making SET 4.0 codenamed “Balls of Steel” (who makes up these names??) one of the coolest pentesting tools out there.

I just had to check out the new “PyInjector” feature (injects shellcode straight into memory) and see how it fared against a fully updated Windows 7 with one of the best AV/network protection suits installed:

Looks like it worked pretty good!

Okay, I have been playing around with Windows 8 for a while now, checking out it’s updated security features and I have been pretty impressed so far. Here is a screenshot of the same attack against a Windows 8 system using only the included Microsoft Windows Defender:

No shell, only an ever repeating screen of errors.

Okay, let’s try the new Java 7 attack against both and see how it fairs. First the Windows 8 system:

Hmm… Seems to have stopped it at the request stage. Windows Defender did have an update that I installed just prior to running this test. Though I thought it odd that nothing showed in the Windows Defender log.

Okay and the Windows 7 system with the good AV:

Just got to the sending applet part, but no shell. Looks like it stopped it too.

I tried the regular Java attack that has been re-tooled and I was able to get a remote shell with both versions of Windows. It was odd though as neither would let me actually do anything with the shell. Anything I tried to input into the shell would just be echoed onto the webpage on the target machine.

This just shows that even though in some cases the AV was able to stop the attacks, I was still able to get a full remote shell. Users must be educated about online risks, and network defense can not be focused on AV protection alone. Social Engineering is one of the top targeted attack methods used against corporate networks.

Sometimes your user is your last and greatest line of defense.

About these ads

~ by D. Dieterle on September 21, 2012.

2 Responses to “The New Social Engineering Toolkit vs Windows 7 (and 8!)”

  1. Love your blog. I’ve made it part of my daily routine, in addition to the monthly Hakin9 magazine.

    Could you write an article in the future about ways of identifying that a PC was compromised? Maybe what type of alerts to expect, or what sort of logs may help identify?

    • Thank you I really appreciate it!

      Sure, I have done several on Security Onion and Netwitness – great tools to detect suspicious activity on your network. But I will do something new here soon.

      I’ve been a bit tied up lately with other projects and haven’t been posting as much as I would like. But I am working on editing a sweet upcoming book for a Backtrack author, starting to edit a cool video training series based on Wi-Fi security and have been writing a bit for some magazines.

      Pfew…

      Will share more details about this when I can. :)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.

Join 285 other followers

%d bloggers like this: