SET Web-Interface
The web interface for the Social-Engineer Toolkit takes whatever you select and generates an answer file that is ultimately placed into set-automate. Each response assigns a given value and the built in intelligence on the back-end parses your responses into building and crafting the attack into SET. To turn the web interface simply type ./set-web
root@bt:/pentest/exploits/set# ./set-web [*] Starting the SET Command Center on port: 44444 | | | | | The Social-Engineer Toolkit | | Command Center | | | | May the pwn be with you | |______________________________________________________| All results from the web interface will be displayed in this terminal. [*] Interface is bound to http://127.0.0.1 on port 44444 (open browser to ip/port)
Once the SET Web Interface is running, browse to localhost:44444. SET will only listen on localhost, you will not be able to get to it remotely.
The web interface should be pretty self-explanatory if you’re familiar with the menu mode. One thing to note is that under the update’s menu, you’ll notice that you can dynamically edit the configuration options. When you save the new settings to the file, it will actually propagate different options in different menus. For example, if you turn on self-signed-applets to ON, new options will appear under the web attack menu. Otherwise, the options will remain hidden. To launch an attack, just click on one of the attack vectors, fill out the appropriate attacks and hit launch attack. Check your window that you launched the web interface on, and you should see the attack being launched.
