
r00t-3xp10it / Meterpreter_paranoid_mode Ssl

Meterpreter Paranoid Mode - SSL/TLS connections


Projects that are alternatives of or similar to Meterpreter paranoid mode Ssl

Powershell Reverse Http
😇 A Powershell exploit service that opens a reverse http connection via meterpreter
Stars: ✭ 104 (-57.89%)
Mutual labels:  meterpreter
Wossl
OpenSSL symmetric algorithms, hash verification, asymmetric algorithms, certificate management, SSL security
Stars: ✭ 144 (-41.7%)
Mutual labels:  ssl-certificate
Blynk Server
Blynk is an Internet of Things Platform aimed to simplify building mobile and web applications for the Internet of Things. Easily connect 400+ hardware models like Arduino, ESP8266, ESP32, Raspberry Pi and similar MCUs and drag-n-drop IOT mobile apps for iOS and Android in 5 minutes
Stars: ✭ 8 (-96.76%)
Mutual labels:  ssl-certificate
Green Hat Suite
Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.
Stars: ✭ 112 (-54.66%)
Mutual labels:  meterpreter
Lua Resty Auto Ssl
On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt.
Stars: ✭ 1,786 (+623.08%)
Mutual labels:  ssl-certificate
Uacme
ACMEv2 client written in plain C with minimal dependencies
Stars: ✭ 155 (-37.25%)
Mutual labels:  ssl-certificate
Eggshell
iOS/macOS/Linux Remote Administration Tool
Stars: ✭ 1,286 (+420.65%)
Mutual labels:  meterpreter
Gke Managed Certs
Managed Certificates for Kubernetes clusters using GCLB
Stars: ✭ 214 (-13.36%)
Mutual labels:  ssl-certificate
Metasploit Cheat Sheet
Metasploit Cheat Sheet 💣
Stars: ✭ 139 (-43.72%)
Mutual labels:  meterpreter
Letsencrypt Cpanel
cPanel/WHM plugin for Let's Encrypt client
Stars: ✭ 181 (-26.72%)
Mutual labels:  ssl-certificate
Getssl
obtain free SSL certificates from letsencrypt ACME server Suitable for automating the process on remote servers.
Stars: ✭ 1,687 (+583%)
Mutual labels:  ssl-certificate
Certok
Command line tool to check the validity and expiration dates of SSL certificates.
Stars: ✭ 136 (-44.94%)
Mutual labels:  ssl-certificate
Nginxconfig.io
⚙️ NGINX config generator on steroids 💉
Stars: ✭ 14,983 (+5965.99%)
Mutual labels:  ssl-certificate
Apkinfector
Advanced Android AV Evasion Tool Written In Python 3 that can Embed/Bind meterpreter APK to any Legitimate APK
Stars: ✭ 105 (-57.49%)
Mutual labels:  meterpreter
Technowhorse
TechNowHorse is a RAT (Remote Administrator Trojan) Generator for Windows/Linux systems written in Python 3.
Stars: ✭ 189 (-23.48%)
Mutual labels:  meterpreter
Autopwn
A simple bash based metasploit automation tool!
Stars: ✭ 99 (-59.92%)
Mutual labels:  meterpreter
Netpwn
Tool made to automate tasks of pentesting.
Stars: ✭ 152 (-38.46%)
Mutual labels:  ssl-certificate
Letsencrypt Rails Heroku
Automatic LetsEncrypt SSL certificates in your Rails app on Heroku.
Stars: ✭ 223 (-9.72%)
Mutual labels:  ssl-certificate
Ssl exporter
Exports Prometheus metrics for SSL certificates
Stars: ✭ 211 (-14.57%)
Mutual labels:  ssl-certificate
Cert
Cert is the Go tool to get TLS certificate information.
Stars: ✭ 166 (-32.79%)
Mutual labels:  ssl-certificate


Meterpreter_Paranoid_Mode v1.4 - SSL/TLS connections

Version release: v1.4 (Stable)
Author: pedro ubuntu [ r00t-3xp10it ]
Distros Supported : Linux Kali, Mint, Ubuntu
Suspicious-Shell-Activity (SSA) RedTeam develop @2017



Description:

 Meterpreter_Paranoid_Mode.sh allows users to secure their staged/stageless
 connection for Meterpreter by having it check the certificate of the
 handler it is connecting to.

 We start by generating a certificate in PEM format. Once the certificate has
 been created, we can create an HTTP, HTTPS or EXE payload for it and give
 it the path of the PEM certificate to be used to validate the connection.

 To have the connection validated, we need to tell the payload what certificate
 the handler will be using by setting the path to the PEM certificate in the
 HANDLERSSLCERT option. Then we enable the checking of this certificate by
 setting stagerverifysslcert to true.

 Once that payload is created, we need to create a handler to receive the
 connection, and again we use the PEM certificate so the handler can use the
 SHA1 hash for validation. Just like with the payload, we set HANDLERSSLCERT
 to the path of the PEM file and stagerverifysslcert to true.

 We can see the stage doing the validation when we receive a session back.
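
The SHA1 comparison described above, as an added example that is not part of the project's code: the PEM file is decoded to DER, hashed with SHA-1, and the result is compared with the hash of the certificate the peer presents. The function names and the placeholder byte strings are assumptions; the bytes stand in for DER certificates and are not parseable X.509.

```python
import hashlib
import hmac
import ssl


def cert_sha1(pem: str) -> str:
    """Return the SHA-1 fingerprint (lowercase hex) of a PEM certificate.

    The fingerprint is taken over the DER bytes, not over the PEM text,
    so line wrapping or trailing whitespace in the file does not change it.
    """
    der = ssl.PEM_cert_to_DER_cert(pem)
    return hashlib.sha1(der).hexdigest()


def pin_matches(expected_sha1: str, presented_der: bytes) -> bool:
    """Check the certificate a peer presented against the pinned fingerprint.

    Accepts the pin as plain hex or in the colon-separated upper-case form
    that certificate tools commonly print.
    """
    normalized = expected_sha1.replace(":", "").strip().lower()
    presented = hashlib.sha1(presented_der).hexdigest()
    # Constant-time comparison of the two hex strings.
    return hmac.compare_digest(normalized, presented)


# Constructed sample data (assumption): placeholder bytes standing in for the
# DER encoding of the pinned certificate and of any other certificate.
PINNED_DER = b"constructed-der-bytes-for-the-pinned-certificate"
OTHER_DER = b"constructed-der-bytes-for-a-different-certificate"
PINNED_PEM = ssl.DER_cert_to_PEM_cert(PINNED_DER)


def demo():
    """Return (pin, result for the pinned cert, result for another cert)."""
    pin = cert_sha1(PINNED_PEM)
    return pin, pin_matches(pin, PINNED_DER), pin_matches(pin, OTHER_DER)


if __name__ == "__main__":
    pin, same, other = demo()
    print("pinned SHA-1:", pin)
    print("pinned certificate accepted:", same)
    print("different certificate accepted:", other)
```

Because the pin is an exact hash of one certificate, any other certificate presented on the connection, however it was issued, fails the check and the connection is not validated.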


Exploitation:

The Meterpreter_Paranoid_Mode tool starts the postgresql service, builds the PEM certificate,
builds the payload (staged OR stageless), starts the corresponding handler associated with
the PEM certificate created (manual) OR impersonated (msf auxiliary module), runs msf
post-exploitation modules at session creation, and delivers agents (staged or stageless)
using the hta attack vector (apache2 + hta + agent) if configured in the settings file.

Payloads available:

Staged (payload.bat|ps1|txt|exe):
windows/meterpreter/reverse_winhttps
windows/meterpreter/reverse_https
windows/x64/meterpreter/reverse_https

Stageless (binary.exe):
windows/meterpreter_reverse_https
windows/x64/meterpreter_reverse_https



Dependencies/Limitations:

xterm, zenity, metasploit, postgresql


WARNING: This tool will NOT evade AV detection; it is made to prevent the data
being transmitted from the client (payload) to the server from being captured (eavesdropping).

WARNING: If you decide to use a 64-bit payload, edit the settings file and change
'MSF_ENCODER=x86/shikata_ga_nai' to an encoder compatible with the payload arch (64-bit).

WARNING: Only in 'staged' builds are users allowed to choose the extension (bat|ps1|txt|exe).



Config Settings file (warning: case sensitive)

msf postgresql database connection check? (msfdb reinit)

Default payload extension (output) to use in staged builds

Input agent (output) name manually

Metasploit encoder to use in obfuscating payload sourcecode
This tool will also encode the 'stage' being sent (sending stage to 192.168.1.69:666 ..)
using the encoder + unicode_encoder selected in the settings file (default: x86/shikata_ga_nai)

HTA attack vector (deliver agent in local lan using apache2)

Default msf post module to run at session creation



Download/Install/Config:

1º - Download framework from github
     git clone https://github.com/r00t-3xp10it/Meterpreter_Paranoid_Mode-SSL.git

2º - Set file execution permissions
     cd Meterpreter_Paranoid_Mode-SSL
     sudo chmod +x *.sh

3º - Configure tool settings
     nano settings

4º - Run main tool
     sudo ./Meterpreter_Paranoid_Mode.sh





Video tutorials:

MPM [ Stageless payload - exe ]: https://www.youtube.com/watch?v=czbpD_4Mcdw

MPM [ Staged payload - bat ]: https://www.youtube.com/watch?v=Z51jBiFnPGE

MPM [ Stageless payload -exe - set encoder and post-module ]: https://www.youtube.com/watch?v=EBZq-JpGQMM

MPM [ Staged payload - ps1 - HTA attack vector ]: https://www.youtube.com/watch?v=JuoczGI4B3E


Special thanks (POCs):

@hdmoore | @OJ | @darkoperator | [email protected](SSA)

http://buffered.io/posts/staged-vs-stageless-handlers/

https://github.com/rapid7/metasploit-framework/wiki/Meterpreter-Paranoid-Mode

https://www.darkoperator.com/blog/2015/6/14/tip-meterpreter-ssl-certificate-validation
