Skip to content
This repository has been archived by the owner on Jan 10, 2024. It is now read-only.

Home

Jump to bottom
Chris Truncer edited this page Mar 3, 2017 · 2 revisions

Welcome to the Veil wiki!

Running Veil 3

First things first, you will need to install all the dependencies required to run Veil 3 (it's massive, I know, but if you want to compile code in Wine, deal with it :)) Enter the setup folder (do not run the setup script outside of the setup folder) Run the following to start the setup process: sudo ./setup.sh -c Let the install process begin, accept the prompts as prompted

How Veil Works

Veil 3 is a combination of both Veil-Evasion and Veil-Ordnance into a single tool. If you want to only generate shellcode, you can do that with Ordnance. If you want to only generate an executable, you can do that with Ordnance. You can also have Evasion drop right into Ordnance to generate your shellcode automatically. From the main meny, just "use" the tool that you want to use, and you will be dropped right into its respective main menu.

Ordnance

Once in Ordnance use the "payload" command to select the payload that you would like to use.

With your payload selected, "set" the required information (such as the LHOST and LPORT information).

Once you've supplied the required information, just type "generate" to generate your shellcode.

Evasion

Evasion Commands

Once in Evasion, you have a couple different commands you can use.

checkvt

The checkvt command will submit the hash of the payload(s) you've created (NOTE: it does NOT submit the executable itself) to VirusTotal. It will then let the user know if any of the payloads you have generated have been submitted to VirusTotal (meaning you're under investigation), or if none of them have been.

clean

The clean command is an easy way to remove the artifacts that Evasion generates (handler files, source code, compiled binaries). This command will delete all of them.

list

The list command lists all of the payloads loaded into Evasion

use

The use command selects the payload to use

Evasion Usage

From the main menu, you can use the "list" command to list the payloads available in Evasion. After reviewing the loaded commands, select the payload you want to "use".

At the next screen, provide any required information that is needed for the selected payload. You can also provide information for optional attributes, such as specifying the system hostname the payload should run on, the minimum number of processors that must be present on the system for the payload to run, etc.

After you have specified any options, type "generate". If applicable, you will be brought to a menu asking how you would like to generate shellcode. You have the following options:

  1. Use Ordnance to automatically generate the shellcode for you
  2. Use MSFVenom to generate the shellcode for you
  3. Provide the shellcode you would like to use
  4. Provide a path to a file containing the binary shellcode you would like to use

Choose the options that works best for your scenario.

You will then be asked to provide a name for the Veil output.

If applicable, you will be asked how you would like your payload to be compiled (otherwise your payload will be auto-compiled, or you will receive the source code output).

Select your option. At this point, Evasion will create all of its output files, and you should have everything you need!

Clone this wiki locally