SET FAQ
In an effort to avoid confusion and help understand some of the common questions with SET.
Q. I’m using NAT/Port forwarding, how can I configure SET to support this scenario?
A. Edit the config/set_config file and turn AUTO_DETECT=ON to AUTO_DETECT=OFF. Once this option is you will be prompted with the following questions:
NAT/Port Forwarding can be used in the cases where your SET machine is not externally exposed and may be a different IP address than your reverse listener.
Are you using NAT/Port Forwarding? yes or no: yes
Enter the IP address to your SET web server (external IP or hostname): <ExternalIPGoesHere>
In some cases you may have your listener on a different IP address, if this is the case the next question asks if your IP address is different for the reverse handler/listener. If that is the case, specify yes, and enter your separate IP address for the listener.
Is your payload handler (metasploit) on a different IP from your external NAT/Port FWD address (yes or no): yes
Enter the IP address for the reverse handler (reverse payload): <OtherExternalIPGoesHere>
Q. My Java Applet isn’t working correctly and don’t get prompted for the Applet when browsing the site.
A. You either do not have Java installed on the victim machine, or your using a NAT/Port forwarding scenario and you need to turn AUTO_DETECT=ON to AUTO_DETECT=OFF. If you do a view source on the webpage, the applet should be downloaded from your IP address that is accessible from the the victim. In some cases SET may grab the wrong interface IP as well, in this scenario you again will want to edit the set_config and turn AUTO_DETECT to OFF.
