venom.sh v1.0.10 - Codename: Final Polymorphic Stub.

venom.sh v1.0.10 – Codename: Final Polymorphic Stub.

CHANGELOG VERSION 1.0.10 (26/1/2016) Codename: Final Polymorphic Stub;
FUNCTION   |      DESCRIPTION
——- ——-       —————————————————————————
bug fix          ->    ‘getsystem’ bug fixed in all resource files (.rc)
improved     ->    venom terminal displays review/improved/fixed.
improved     ->    ‘elementary OS’ ip address support added (LHOST).
improved     ->    ‘@echo off’ added to all .bat files to hidde letter displays in terminal
added           ->    ‘C-TO-BAT’ powershell Invoke-Shellcode (load shellcode)*new
added           ->    ‘PS1-TO-BAT’ powershell Invoke-Shellcode (load remote payload)*new
added           ->   ‘apache2’ added to deliver your payloads using a malicious URL..
added          ->    stager ‘reverse_tcp_dns’ added to ‘available payloads list’*new
added          ->    ‘gather.rc’ post-exploitation resource file (gather target info)
added          ->    ‘encrypt_PolarSSL’ base64+AES shellcode cypter (manual run)*new
added          ->   ‘SimpleHTTPServerWithupload.py’ a simplehttpserver with download/upload capabilittys if you need it (manual run)
——- ————————————————————————————————————————

[ DISCLAMER ]
The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law.

Codename: Final Polymorphic Stub. You can see what is a different

Codename: Final Polymorphic Stub.
You can see what is a different

Komodo Venom v1.0.10

Komodo Venom v1.0.10

The script will use msfvenom (metasploit) to generate shellcode in diferent formats ( c | python | ruby | dll | msi | hta-psh ), injects the shellcode generated into one funtion (example: python) “the python funtion will execute the shellcode in ram” and uses compilers like: gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file, also starts a multi-handler to recibe the remote connection (reverse shell or meterpreter session).

‘shellcode generator’ tool reproduces some of the technics used by Veil-Evasion framework, unicorn.py, powersploit, etc,etc,etc..”P.S. some payloads are undetectable by AV soluctions yes!!!” one of the reazons for that its the use of a funtion to execute the 2º stage of shell/meterpreter directly into targets ram.

DEPENDENCIES :
— “crisp.sh will download/install all dependencies as they are needed”
— Zenity | Metasploit | GCC (compiler) | Pyinstaller (python-to-exe module)
— python-pip (pyinstaller downloader) | mingw32 (compile .EXE executables)
— pyherion.py (crypter) | PEScrambler.exe (PE obfuscator/scrambler.)

Features
option – build – target – format – output

1 – shellcode – unix – C – C
2 – shellcode – windows – C – DLL
3 – shellcode – windows – DLL – DLL
4 – shellcode – windows – C – PYTHON/EXE
5 – shellcode – windows – C – EXE
6 – shellcode – windows – MSIEXEC – MSI
7 – shellcode – windows – C – RUBY
8 – shellcode – windows – HTA-PSH – HTA
9 – shellcode – windows – PSH-CMD – PS1
10 – shellcode – windows – PSH-CMD – BAT
11 – shellcode – webserver – PHP – PHP
12 – shellcode – multi OS – PYTHON(b64) – PYTHON

F – FAQ (frequent ask questions)
E – exit shellcode generator

Usage:

our post before | Or Download Old Source: shell.tar.gz (24.9 MB)
Source :http://sourceforge.net/p/crisp-shellcode-generator/