Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- venom 1.0.15 - Metasploit shellcode Generator/Compiler/Listener
- Version release : v1.0.15
- Author : pedro ubuntu [ r00t-3xp10it ]
- Codename: Pandora's box (pithos)
- Distros Supported : Linux Ubuntu, Kali, Mint, Parrot OS
- Suspicious-Shell-Activity (SSA) RedTeam develop @2018
- LEGAL DISCLAMER
- The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law.
- Install and Run:
- sudo su
- apt update && apt install metasploit-framework
- git clone https://github.com/r00t-3xp10it/venom
- bash ./aux/setup.sh
- bash venom.sh
- FRAMEWORK DESCRIPTION
- The script will use msfvenom (metasploit) to generate shellcode in diferent formats ( c | python | ruby | dll | msi | hta-psh ) injects the shellcode generated into one template (example: python) "the python funtion will execute the shellcode into ram" and uses compilers like gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file, also starts a multi-handler to recive the remote connection (shell or meterpreter session).
- 'venom generator' tool reproduces some of the technics used by Veil-Evasion.py, unicorn.py, powersploit.py, etc, etc, etc..
- "P.S. some payloads are undetectable by AV soluctions... yes!!!"
- One of the reasons for that its the use of a funtion to execute the 2º stage of shell/meterpreter directly into targets ram the other reazon its the use of external obfuscator/crypters.
- HOW DO I DELIVER MY PAYLOADS TO TARGET HOST ?
- venom 1.0.11 (malicious_server) was build to take advantage of apache2 webserver to deliver payloads (LAN) using a fake webpage writen in html that takes advantage of <iframe> <meta-http-equiv> or "<form>" tags to be hable to trigger payload downloads, the user just needs to send the link provided to target host.
- "Apache2 (malicious url) will copy all files needed to your webroot"
- Screenshots:
- Download venom: https://github.com/r00t-3xp10it/venom
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement