Veil-evasion

All posts tagged Veil-evasion

Good evening Friends. Today we will see how to install Veil Evasion in Kali Linux. Although this howto is made on Kali Linux Sana, it is the same for all versions of Kali. For the novices, Veil-Evasion is a tool to generate payload executables that bypass common antivirus solutions. First of all, download and save the zip file of Veil-Evasion as shown below from here.

Next, open a terminal and go to the directory where the zip has been downloaded. Commonly it is root or Downloads. Mine is in root. Next, unzip the contents of the zip file by using the command “unzip Veil-Evasion-master.zip” as shown below.

When unzipping is finished, type the “ls” command once again. You will see a new directory, “Veil-Evasion-master”. Change into that directory as shown below and type “ls” to see the contents of that directory.

There will be a directory named “setup”. Change into that directory. You will see a file named “setup.sh”. Execute that file using the command “./setup.sh”.

It will ask whether you want to continue with the installation or not. Type “y”.

The installation will start. It will ask you whether to install Wine. Click on “Install”.


Next it will install Python. Click on “Next”.


Click on “Next”.


If it asks you to overwrite existing files of any Python, select “yes”.


Click on “Next” for the below window.


Finish the installation by clicking on “Finish”.

Next, the system will ask you to install pywin32. Pywin32 is a set of extension modules that provides access to many of the Windows API functions. Click on “Next”.


Click on “Next”.


Click on “Next”.


Click on “Finish”.

Next it will install pycrypto. Click on “Next”.


Click on “Next”.

Select language as “English” and click on “OK”.


Next, it will prompt you to install Ruby. Accept the license and click on “Next”.

Click on Install.


Click on Finish to finish the installation of Ruby.

You will see the below screen as the installation finishes.


Now let us see if our installation has been successful by starting the program. Go to the “Veil-Evasion-master” directory, in which there is a Python script called “Veil-Evasion.py”. Execute this script by typing the command “./Veil-Evasion.py”.

This is how Veil-Evasion looks when started.


Good evening friends. Today we will see how to bypass antivirus with Veil Evasion to hack a remote system. Veil-Evasion is a tool to generate payload executables that bypass common antivirus solutions. First we need to install Veil-Evasion in Kali Linux. Next, go to the installed directory as shown below. In the directory where it’s installed, there is another directory named Veil-Evasion. Navigate to that directory. Type the command “ls” to show the contents of that directory. There is a Python script named “Veil-Evasion.py”. Execute that script by typing the command “./Veil-Evasion.py”.

It will open the Veil evasion framework as shown below.


It has a total of 46 payloads. To see the available payloads, type the command “list”. Some of the available payloads are shown below.

To select any payload, just type its number. In my case, I am using “36”. I have successfully bypassed Avast antivirus with this payload. Type number “36” and hit Enter. It will show the available commands for that payload.


Next type command “generate” to generate our payload.


It will ask you how you want to generate the shellcode. Use the first option, i.e. msfvenom, as we will use Metasploit to connect to the remote system. It will ask you to enter the payload. By default it is “windows/meterpreter/reverse_tcp”, so just hit Enter. Then you will be prompted to enter the values of “Lhost” and “Lport”, i.e. the address of Kali Linux and the local port for the connection. Hit Enter when it asks for extra msfvenom options, and the shellcode starts generating as shown below.

Next, you will be asked to enter a name for the executable of the payload. Give any name and hit Enter. Next, it will ask you how you would like to create your executable. Choose the default option by just hitting “Enter” as shown below.

Your executable will be generated and the directory in which it is created will be shown as below.


Now we need to start Metasploit and load the handler exploit and payload as shown below.


The payload, LHOST address and LPORT should be the same as those given in the executable file we created. Type the command “exploit”. The exploit will stop at the stage shown below.

Now send that executable file (in this case “viras.exe”) to our victim. When he clicks on it, we will get a meterpreter session as shown below. Type the command “sysinfo” to get the system information.