Social Engineering Toolkit – Can not get UPX encoding work (SET Error: “UPX was not detected. Try configuring the set_config again”)

In BackTrack5, when you try to use SET to create a fake website using its Java Applet Attack Method and Backdoored Executable encoding, it is probable that you get an error message as follows: “UPX was not detected. Try configuring the set_config again”.

In order to resolve this issue, here are the options you can do (Option 3 is the best one);

Option 1: you need to change the two directives in set_config (/pentest/exploits/set/config/set_config) as below:

  • DIGITAL_SIGNATURE_STEAL=OFF
  • UPX_PATH=/pentest/web/scanners/sqlmap/lib/contrib/upx/linux/upx

It seems that first directive, which enables digital signature stealing, is what causes the problem with UPX. The second directive changes the  default path of UPX, because it could not be found in that path. Luckily, it also comes with SQLMAP, therefore you can change the default path of the UPX to path of the one which comes with sqlmap.

OR

Option 2: You can check if upx is located in its default folder (/usr/bin/upx), if not you can install it by using apt-get as below:

  • apt-get install -y upx

Then you need to change one directive in set_config (/pentest/exploits/set/config/set_config) as below:

  • DIGITAL_SIGNATURE_STEAL=OFF

OR

Option 3: If you also want to get the use of digital signature stealing capability of set, then first you need to install pefile module as follows:

  • apt-get install python-pefile

Then install upx as described in option 2 above which is executing the code below:

  • apt-get install upx

Now, you don’t need to change anything in the set_config file, you can use the default settings.

Using one of the options above, fixes the problem and UPX encoding works fine.

This entry was posted in Penetration Testing and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *