TrustedSec is proud to announce the release of The Social-Engineer Toolkit (SET) v5.4 codename “Walkers”. This version has a significant amount of changes, performance upgrades, bug fixes, and efficiency. This blog post will cover some of the major highlights from Java 7 Update 45 and how to get around the security “enhancements”.
Most importantly, a massive overhaul on how the Java Applet behaves. Most recently, Java released Java 7 Update 45 which made some significant changes on restrictions on how Applets need to behave. First and foremost, there are requirements now to build into the manifest of the applet in order to meet the specifications for the new changes.
As an example of what SET used in the past, html tags were passed that contained dynamic information such as encrypted shellcode, variables, but most importantly, the name of the Applet. For example:
applet name”Whatever you want!”