nccgroup / metasploitavevasion Goto Github PK

View Code? Open in Web Editor NEW

259.0 44.0 91.0 51 KB

Metasploit AV Evasion Tool

License: GNU Affero General Public License v3.0

Shell 100.00%

metasploitavevasion's Introduction

Metasploit AV Evasion

Metasploit payload generator that avoids most Anti-Virus products.

Released as open source by NCC Group Plc - http://www.nccgroup.com/

Developed by Daniel Compton, daniel dot compton at nccgroup dot com

https://github.com/nccgroup/metasploitavevasion

Released under AGPL see LICENSE for more information

=================================== Updated 08/2015 by Jason Soto, jason_soto [AT] jsitech [DOT] com

Removed Deprecated Commands in favor of MsfVenom

Updated 12/2015

Removed use of ifconfig for more Distro Compatibility, Using "ip route" for ip Detection

Added gcc compiler use condition for use in Arch Based Distros

Using "msfconsole -x" for auto Listener launching instead of resource file

Code Cleanup

www.jsitech.com

https://github.com/jsitech

Twitter = @JsiTech

Tested on Kali Linux

Installing

git clone https://github.com/nccgroup/metasploitavevasion.git

chmod +x the avoid.sh file before use.

How To Use

./avoid.sh

Then follow the on screen prompts.

Features

Easily generate a Metasploit executable payload to bypass Anti-Virus detection
Local or remote listener generation
Disguises the executable file with a PDF icon
Executable opens minimised on the victims computer
Automatically creates AutoRun files for CDROM exploitation

Screen Shot

Change Log =======================

Version 1.5 - Official release.

metasploitavevasion's People

Contributors

Stargazers

Watchers

Forkers

yaeger peterclemenko joster pricedm jakuta-tech lucabongiorni emmetcooper spnow wandering-nomad gam4er baldybadgersrunningroundmybrain mayur021 mymyke aryanguenthner alex-metasploit baiyunping333 dmccarten kaneschutzman ksmaheshkumar ccgreen13 wikijm unbaiat jsitech lordlight peterpt ihorlaitan lockgit pandazheng mmmooorrreee jiangzhw butilities archietuttle zigitax xeddmc 453483289 majl bemonolit nimdakey rajivraj cloudxtreme samsung972 hanshaze f00bar10 redteamcaliber leasemeng digideskio psuedoelastic suviet safesonic badfish5150 wateroot ht13 solertis caoimhinp noobzero clicknull n4yk mgcfish houcy hackntkt zard777 fckoo hrk31c ro9ueadmin heikipikker corleanus mrw1ggl3s attackgithub ntgitdude23 sry309 mpetka rafi693 5l1v3r1 wesdawiggles eff4real ex0brain haraprasadghosh yuhmylaughs pb0rz3l jvohiebmopidktokzv jkirby2423

metasploitavevasion's Issues

Remove links to Common Exploits

Something went wrong trying to compile the executable, exiting

Got an error while trying to generate an payload

[franco@Arch ~]$ metasploitavevasion 
##################################################################

*** AV0id - Metasploit Shell A.V. Avoider Version 1.5  ***

##################################################################
---------------------------------------------------------------------------------------------------------
[?] What system do you want the Metasploit listenter to run on? Enter 1 or 2 and press enter
---------------------------------------------------------------------------------------------------------

 1. Use my current system and IP address

 2. Use an alternative system, i.e public external address

---------------------------------------------------------------------------------------------------------

> 2

[-] Alternative system selected

--------------------------------------------------------------------
[?] What IP address to you want the listener to run on?
--------------------------------------------------------------------

> 192.168.0.19

---------------------------------------------------------------------------------------------------------
[?] What port number do you want to listen on? If on the internet try port 53 if restricted
---------------------------------------------------------------------------------------------------------

> 4444

[-] Generating Metasploit payload, please wait...

[ +++++++++++++++++++++++++++++++++++++++++++++++++++++   ]ruby: No such file or directory -- /usr/share/metasploit/msfpayload (LoadError)

--------------------------------------------------------------------------------------------
[?] How stealthy do you want the file? Enter 1, 2, 3, 4 or 5 and press enter
--------------------------------------------------------------------------------------------

 1. Normal - about 400K payoad  - fast compile - 13/46 A.V. products detected as malicious

 2. Stealth - about 1-2 MB payload - fast compile - 12/46 A.V. products detected as malicious

 3. Super Stealth - about 10-20MB payload - fast compile - 11/46 A.V. detected as malicious

 4. Insane Stealth - about 50MB payload - slower compile - 10/46 A.V. detected as malicious

 5. Desperate Stealth - about 100MB payload - slower compile - Not tested with A.V.

----------------------------------------------------------------------------------------------

> 3


[-] Super Stealth selected, please wait a few seconds

[-] Generating random seed for padding...please wait

[ 01100111001001001110111001101010101010110101001010111 ]
build.c:5:1: error: expected expression before ‘char’
 char comment[512] = "";
 ^

[!] Something went wrong trying to compile the executable, exiting

Script complete, press <enter> to exit

Running on Arch Linux system.

Add support for Arch/other distros

The script currently makes assumptions about what tools are installed (mingw-gcc, ifconfig, etc) and so won't work on non-Kali distros.

We should perform some more checks to see whether alternative tools are available and use them if possible.

Still using depreciated commands

Are there any plans to switch to msfvenom?

Error message

Everything worked fine until this error:
May you fix this?