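Lesson 11: Tool Introduction: Veil-Evasion

1. Veil-Evasion

Veil-Evasion is an auxiliary framework that generates Metasploit-compatible payloads and can bypass most antivirus software.
Veil-Evasion is not bundled with Kali; once sources.list is configured, it can be installed directly with apt-get.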

[email protected]:~/Deskto# cat /etc/apt/sources.list

# USTC (University of Science and Technology of China)
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
# Alibaba Cloud
#deb http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
#deb-src http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
# Tsinghua University
#deb http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
#deb-src https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
# Zhejiang University
#deb http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
#deb-src http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
# Neusoft University
#deb http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
#deb-src http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
# Official source
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib
# Chongqing University
#deb http://http.kali.org/kali kali-rolling main non-free contrib
#deb-src http://http.kali.org/kali kali-rolling main non-free contrib

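2. Installation

[email protected]:~/Desktop# apt-get install veil-evasion

Because Veil-Evasion was already installed on the local machine for this experiment, we download and install it with git inside a virtual machine instead (to make taking screenshots easier). PS: screenshots on Kali in this lesson were taken with scrot.

[email protected]:~/Deskto# apt-get install scrot
[email protected]:~/Deskto# scrot -s   # that is all it takes
[email protected]:~/Deskto# git clone https://github.com/Veil-Framework/Veil-Evasion.git

[email protected]:~/Veil-Evasion# ./setup.sh
# installation takes a long time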

3. Testing

Taking c/meterpreter/rev_tcp as an example:
PS: Veil-Evasion is no longer updated. The new version of the project is at: https://github.com/Veil-Framework/Veil

4. Appendix:

[*] Payloads that can be generated:
1) auxiliary/coldwar_wrapper
2) auxiliary/macro_converter
3) auxiliary/pyinstaller_wrapper
4) c/meterpreter/rev_http
5) c/meterpreter/rev_http_service
6) c/meterpreter/rev_tcp
7) c/meterpreter/rev_tcp_service
8) c/shellcode_inject/flatc
9) cs/meterpreter/rev_http
10) cs/meterpreter/rev_https
11) cs/meterpreter/rev_tcp
12) cs/shellcode_inject/base64_substitution
13) cs/shellcode_inject/virtual
14) go/meterpreter/rev_http
15) go/meterpreter/rev_https
16) go/meterpreter/rev_tcp
17) go/shellcode_inject/virtual
18) native/backdoor_factory
19) native/hyperion
20) native/pe_scrambler
21) perl/shellcode_inject/flat
22) powershell/meterpreter/rev_http
23) powershell/meterpreter/rev_https
24) powershell/meterpreter/rev_tcp
25) powershell/shellcode_inject/download_virtual
26) powershell/shellcode_inject/download_virtual_https
27) powershell/shellcode_inject/psexec_virtual
28) powershell/shellcode_inject/virtual
29) python/meterpreter/bind_tcp
30) python/meterpreter/rev_http
31) python/meterpreter/rev_http_contained
32) python/meterpreter/rev_https
33) python/meterpreter/rev_https_contained
34) python/meterpreter/rev_tcp
35) python/shellcode_inject/aes_encrypt
36) python/shellcode_inject/aes_encrypt_HTTPKEY_Request
37) python/shellcode_inject/arc_encrypt
38) python/shellcode_inject/base64_substitution
39) python/shellcode_inject/des_encrypt
40) python/shellcode_inject/download_inject
41) python/shellcode_inject/flat
42) python/shellcode_inject/letter_substitution
43) python/shellcode_inject/pidinject
44) python/shellcode_inject/stallion
45) ruby/meterpreter/rev_http
46) ruby/meterpreter/rev_http_contained
47) ruby/meterpreter/rev_https
48) ruby/meterpreter/rev_https_contained
49) ruby/meterpreter/rev_tcp
50) ruby/shellcode_inject/base64
51) ruby/shellcode_inject/flat

--By Micropoor