In real life pen-testing scenarios, the antivirus is an added layer of
security, which we have conveniently ignored so far. However, in this
tutorial we will see how we can encrypt the payload and make it harder
for the AV(antivirus) to detect it.
If you haven't got the prerequisites covered, I'd suggesting you start by hacking into an unpatched Windows XP machine.
Type veil-evasion in the terminal and you'll be asked if you want to continue with the installation.
Type y. Wait for the installation to finish. It could take a while. The
installation would ask you to install Python & Ruby (don't change
installation directories even if it says that Python is already
installed), which is just a matter of clicking next and finish.
1) Type list to see available payloads.
3) You can use set option to change any values you want to change. We
don't need that right now. Type info to see the settings you can change.
5) Choose option 1
6) Press enter, or if you want to use some other exploit, then type it's name.
7) Enter LHOST and LPORT, enter any extra msfoptions you want to enter (not required here). Enter any name you want.
8) Choose 1 or 2 for Payload creation method.
Your payload will get generated in a bit. Don't upload it to online scanners, since they distribute it to different AV companies and the detection rate increases. I will update the post with screenshots soon.
Bye!
Prerequisites
You should know how the basics of generating payloads using metasploit, i.e. have a basic idea about pentesting. I have covered these already, and won't do so again.If you haven't got the prerequisites covered, I'd suggesting you start by hacking into an unpatched Windows XP machine.
Install Veil-evasion
This is one the rare moments when you actually have to install a hacking tool in Kali Linux. That said, the process is incredibly simple, and a simple apt-get will work.sudo apt-get update
sudo apt-get install veil-evasion
Type veil-evasion in the terminal and you'll be asked if you want to continue with the installation.
Veil Evasion
Type veil-evasion on the terminal to start it.
list2) Use any payload you want to. I'm using python/shellcode_inject/flat. Type
use python/shellcode_inject/flat
info4) Type generate
generate
7) Enter LHOST and LPORT, enter any extra msfoptions you want to enter (not required here). Enter any name you want.
Your payload will get generated in a bit. Don't upload it to online scanners, since they distribute it to different AV companies and the detection rate increases. I will update the post with screenshots soon.
Bye!
No comments :
Post a Comment