Send Fake E-Mail with SETOOLKIT

Usually, employees are unaware of the tricks and techniques of social engineering, which can be used as intermediaries to obtain valuable information, such as credit card information or corporate secrets.

The security of the entire organization can be compromised if an employee visits a malicious website, answers a social engineer phone call, or clicks on a malicious link received in their personal e-mail..

In this guide. we will show you a method through which you can easily send one email with one of the most popular tools called SET (Social Engineering Toolkit).

SET is a product of TrustedSec. SET is a Python-based suite of custom tools created by David Kennedy (ReL1K) and of which consists of JR DePre (pr1me), Joey Furr (j0fer) and Thomas Werth.

SET is an attack system based on attack on human resources. With a variety of attacks available, this toolkit is absolutely essential for penetration testing.

SET comes pre-installed on Kali Linux. You can just run it through the line typing the command "setoolkit".

Once SET is opened, all available options will be displayed as shown in the screenshot below :

Select 1) Social-Engineering Attacks to get a list of possible attacks that can be executed.

You can choose the attacks you want to perform from one which appears as follows:

  • 1 Spear-Phishing Attack Vectors
  • 2 Attack Vectors
  • 3 Infectious Media Generator
  • 4 Create a Payload and Listener
  • 5 Mass Mailer Attacks
  • 6 Arduino-Based Attack Vector
  • 7 Wireless Access Point Attack Vector
  • 8 QRCode Generator Attack Vector
  • 9 Powershell Attack Vectors
  • 10 SMS Spoofing Attack Vectors
  • 11 Third Party Modules
  • 99 Return back to the main menu

We'll start with Mass Mailer Attack . Enter 5 to go to the next menu.

For this example in the list, we will take a look at the first option, E-Mail Attack Single Email Address .

Now you need to fill in all the following details as shown below:

  • Send email to:
  • From address:
  • The FROM Name the user will see:
  • Username for open-relay:
  • Password for open-relay:
  • SMTP email server address:
  • Port number for the SMTP server:
  • Flag this message / s as high priority ?:
  • Do you want to attach a file:
  • Do you want to attach an inline file:
  • Email Subject:
  • Send the message as html or plain:
  • Enter the body of the message, type END when finished:

Here you need an open SMTP retransmission server, which you can easily get through smtp2go.com and creating a free account whose SMTP server address will be “mail.smtp2go.com"And the door will be"2525".

This is the result of the fake email we sent from info@iguru.gr via smtp2go.com of the open relay server.

In the SMTP2GO.com Application Control Panel, you can even manage all registrations and view all the information about fake emails sent from your account, as shown below:

 

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).