In real life pentesting scenarios, the antivirus is an added layer of security, which we have conveniently ignored so far. However, in this tutorial we will see how we can encrypt the payload and make it harder for the AV(antivirus) to detect it.
If you haven't got the prerequisites covered, I'd suggesting you start by hacking into an unpatched Windows XP machine.
Type veil-evasion in the terminal and you'll be asked if you want to continue with the installation.
Type y. Wait for the installation to finish. It could take a while. The installation would ask you to install Python & Ruby (don't change installation directories even if it says that Python is already installed), which is just a matter of clicking next and finish.
1) Type list to see available payloads.
6) Press enter, or if you want to use some other exploit, then type it's name.
7) Enter LHOST and LPORT, enter any extra msfoptions you want to enter (not required here). Enter any name you want.
8) Choose 1 or 2 for Payload creation method.
Your payload will get generated in a bit. Don't upload it to online scanners, since they distribute it to different AV companies and the detection rate increases. I will update the post with screenshots soon.
Prerequisites
You should know how the basics of generating payloads using metasploit, i.e. have a basic idea about pentesting. I have covered these already, and won't do so again.If you haven't got the prerequisites covered, I'd suggesting you start by hacking into an unpatched Windows XP machine.
Install Veil-evasion
This is one the rare moments when you actually have to install a hacking tool in Kali Linux. That said, the process is incredibly simple, and a simple apt-get will work.sudo apt-get update
sudo apt-get install veil-evasion
Type veil-evasion in the terminal and you'll be asked if you want to continue with the installation.
Type y. Wait for the installation to finish. It could take a while. The installation would ask you to install Python & Ruby (don't change installation directories even if it says that Python is already installed), which is just a matter of clicking next and finish.
Veil Evasion
Type veil-evasion on the terminal to start it.1) Type list to see available payloads.
list2) Use any payload you want to. I'm using python/shellcode_inject/flat. Type
use python/shellcode_inject/flat3) You can use set option to change any values you want to change. We don't need that right now. Type info to see the settings you can change.
info4) Type generate
generate5) Choose option 1
6) Press enter, or if you want to use some other exploit, then type it's name.
7) Enter LHOST and LPORT, enter any extra msfoptions you want to enter (not required here). Enter any name you want.
8) Choose 1 or 2 for Payload creation method.
Your payload will get generated in a bit. Don't upload it to online scanners, since they distribute it to different AV companies and the detection rate increases. I will update the post with screenshots soon.
No comments:
Post a Comment