Website attack vectors
The SET web attack vector is a unique way of utilizing multiple web-based attacks in order to compromise the intended victim. It is by far the most popular attack vector of SET, with the following attack vectors:
![](https://static.packt-cdn.com/products/9781788623179/graphics/cd66a54c-82ea-4a74-9f03-6585935e2b32.png)
How to do it...
We have already seen how to use HTA in a previous recipe, but SET takes it to a new level.
- After selecting the HTA Attack Method in SET, we can clone a site through which we will deliver our payload, creating a more credible pretext for why the user should open the HTA application:
![](https://static.packt-cdn.com/products/9781788623179/graphics/c11814ad-4eb6-4dd1-85a5-4d1f0d41b798.png)
- Like the mass email attack, SET will launch Metasploit using a resource script and start the Generic Payload Handler for us:
![](https://static.packt-cdn.com/products/9781788623179/graphics/68c3ae67-e9c7-4f0e-a760-cc29b79b7b3f.png)
- Now, when the victim browses to our malicious site they will be prompted to open the HTA application; since it comes from a known website, the site we cloned, it is more likely that the victim will run it:
![](https://static.packt-cdn.com/products/9781788623179/graphics/381bfb89-b325-451a-9888-4288247c1844.png)
- When the victim opens the HTA application, we get a new session:
![](https://static.packt-cdn.com/products/9781788623179/graphics/197eda49-3db5-4a0b-b6eb-2276b9eebce9.png)