Wednesday, October 8, 2014

  • How to install and use Veil-Catapult in backtrack?

    First if you have not already installed veil-evasion framework then first install it as mentioned here.After installing Veil-evasion follow steps.



    root@bt:~cd Veil-Catapult-master/


    Now veil-catapult require impacket library & passing the hash toolkit.So setup script try to install PTH suite but we got error.So we have to manually do it.

    Install passing the hash.



    root@bt:~dpkg -i winexePTH1.1.0-1.deb

    root@bt:~dpkg -i wmiPTH-1.0-1.deb

    If you are using other OS then you have to manually build it as mentioned here .

    It installed into the /opt/pth/bin folder , we have to move it into /usr/bin.

    root@bt:~# ln -s /opt/pth/bin/wmis /usr/bin/pth-wmis

    root@bt:~# ln -s /opt/pth/bin/winexe /usr/bin/pth-winexe

    root@bt:~# ln -s /opt/pth/bin/wmic /usr/bin/pth-wmic

    Installing impacket library

    root@bt:~# wget

    root@bt:~# tar -xvzf impacket-0.9.11.tar.gz 

    root@bt:~# cd impacket

    root@bt:~# python build 

    I know you have question that we can install it , but when we tried to install , it  installed succesfully ;but some of modules are missing.So we first gonna build it then copy it. Now copy folder impacket from build/lib.linux-i686-2.6/ and paste it into /usr/lib/pymodules/python2.6 

    Now everything is ready ,we can run it. Before that open /etc/veil/ and checkout all path.

    root@bt:~/Veil-Catapult-master# python 

    Now select number according to your choice & fill out necessary option.

    Powershell injector


    Barebones python injector


    Sethc backdoor

    Reboot, hit Shift key 5 times, SYSTEM shell will pop up. Also there is script for it in metasploit.Check it out this awesome blog for more details.

    EXE delivery upload 


    Cleanup resource script is generated , you can use it after your work completed for kill process & remove exe.

    You can also host exe using temporary SMB server.This will load the payload executable into memory without touching disk, allowing otherwise disk-detectable executable to bypass detection

    Post a Comment

    Copyright @ Solve It Your Way: How to install and use Veil-Catapult in backtrack?

    I Love My Family