Veil-Evasion v2.24 is a tool designed to generate Metasploit payloads that bypass common anti-virus solutions.
+ Added: I’ve added obfuscation to the Python payloads. Some AVs are triggering on ctypes being referenced everywhere; at the moment, it’s only in the file once.
+ Updated: Pyinstaller has been updated to version 3.1, which allows us to encrypt the bytecode using the --key option. The key is randomly generated each time a payload is made.
NOTE: ./setup/setup.sh should be re-run on every major version update. If you receive any major errors on running Veil-Evasion, first try re-running this script to install any additional packages and update the common configuration file.
Use Kali (x86) and all dependencies are pre-installed
Install Python 2.7
Install PyCrypto >= 2.3
Windows (for Py2Exe compilation)
Python (tested with x86 – http://www.python.org/download/releases/2.7/)
Run ./setup.sh on Kali x86 (for Pyinstaller). Install Python 2.7, Py2Exe, PyCrypto, and PyWin32 on a Windows computer (for Py2Exe).
Veil-Evasion was designed to run on Kali Linux, but should function on any system capable of executing Python scripts. Simply call Veil-Evasion from the command line, and follow the menu to generate a payload. Upon creating the payload, Veil-Evasion will ask if you would like the payload file to be converted into an executable by Pyinstaller or Py2Exe.
If using Pyinstaller, Veil-Evasion will convert your payload into an executable within Kali.
If using Py2Exe, Veil-Evasion will create three files:
payload.py – The payload file
setup.py – Required file for Py2Exe
runme.bat – Batch script for compiling the payload into a Windows executable
Move all three files onto your Windows machine with Python installed. All three files should be placed in the root of the directory Python was installed to (likely C:\Python27). Run the batch script to convert the Python script into an executable format.
Place the executable file on your target machine through any means necessary and don’t get caught!