Using Social Engin. Toolkit

[Sector.Xero]

I'm analyzing the whole proof of concept behind SET. SET creates a fake website, that sends a user a malicious java applet. I understand.

The tutorials demonstrate this whole proof on concept in private / local networks.

If a person wanted to test this across the internet, what is the trick to make it work? I know that same ISP's block port 80 by default (in TOS).

I tried using a virtual machine to connect to my own external IP address, but with no success. Can anyone shed light on this?

[Netshroud]

I did this to a friend (with permission).

My ISP blocks port 80, so I forwarded port 50505, then used IPtables to redirect port 50505 to port 80. I had the listened running on 50506, also forwarded.

Most routers dont allow loopback connections to their own IP address, so that could be part of your problem.

[Sector.Xero]

Hey thanks Pyschosis, I was thinking about the loop back concepts also. As I was posting, I thought "what if its like calling your own phone number?"

Do you have any tutorials on the port forwarding and changing IP tables?

[Netshroud]

Port forwarding should be simple from your router. If not, look at PortForward.com

For iptables, I just googled it.

[digip]

To attack someone outsid eyour lan, you could craft a malicious PDF and email it to someone, which SET will also do for you, but even just sending out a link in the email to say, a DynDNS address which maps to your local machine would work to. A lot of ISP's say they block port 80, but there are ways around that as well, like setting the link t somethign like port 8080. For example:

http://mywebsite.com:8088/ could be the link you send someone, and you just set the program to listen on that port and forward it from your router to the listening machines local IP on your lan. Would work fine. I use ports like this on my own lan for things, like testing websites and shit with apache and php. Never had my ISP block me from running a web server on alternate ports, nor do I think all of them even really check any more. They are probably more concerned with throttling torrent traffic than web traffic. I know a few people who host their websites from their home because they have a static IP from their ISP, so it is possible, just have to check with your ISP.

Personally, I would not use a metasploit or SET setup to attack someone across the internet and have it pointing back at my own network. Get a website or find some alternate location to do this from9for testing and educational purposes of course), but if you foobared something in your "testing" and someone you unintentionally got hacked by this, you could go to jail if they trace it back to your home.

It's one thing to learn about hacking and testing your own network, completely another to do this across the internet to someone who hasnt agreed to allow you to do this or made aware of what you are attempting to do. I leave the ethics and choices to you though. What you do with it is your own bussiness.

[Sector.Xero]

No, this is only education purposes. I have plenty of friends who Guinea pig for me.