Blog

23/04/2012 – 0.14 “London” pre-alpha release: Dedicated to BSides London (http://www.securitybsides.org.uk/), its organisers and attendants
 + Fixed URL regexp on the link_clicker.py payload for the OWTF imap client Agent
   It was missing IP-only URLs like: http://192…, regexp changed to: ‘http[:0-9a-zA-Z./]+’
 + Upgraded SET spear phising scripts from SET version 2.5.3 to SET version 3.2.2
 + Bug fix: Added GetFileAsList and AppendToFile convenience functions (required by some existing code)
 + Added Version information at the bottom of the OWTF banner and arranged some loading messages to suit
 + Added GetCurrentDateTimeAsStr convenience method to the Timer class
 + Added SET script for new payload (19)
 + Replaced /etc/motd by new parameter WORD_TEMPLATE in SET payload script 3, and added parameter to Spear_Phising plugin
 + Added better error handling to the Spear Phishing handler so that it aborts when a payload script is not found (instead of crashing in SET, after)
 + Fixed SET payload 15 to take advantage of the custom PDF template
 + Added a bit of SET’s documentation to the readme directory
 + Commented out the Attachment name modification in the Spear Phising plugin (sometimes you may want to control this from outside the plugin)
 + Added better exception handling to OWTF’s SMTP class so that failure to perform the SMTP Login assumes open relay and moves on (also sent as a patch to SET)
 + Added slightly better message to OWTF’s SMTP START TLS exception handling error message
 + Added warning to SET handler when sending blank values
 + Added check to Spear Phishing module to verify the word template exists
 + Improved exception handling on the SMTP class for Targeted Phising, thanks Sam!