Javatpoint Logo
Javatpoint Logo

Overview of Payloads

Once Veil is installed, we are going to look at its commands. The commands are straightforward as shown in the following screenshot. The exit allow us to exit the program, info is used to provide us the information about a specific tool, list is used to list the available tools, update is used to update Veil, use is used to enable the use of any tool, as shown in the given screenshot:

Overview of Payloads

In the above screenshot, we can see that there are two types of tools that are used in the Veil:

  1. Evasion: This tool is used to generate an undetectable backdoor.
  2. Ordnance: This tool is used to generate the payloads used by Evasion. This is more of a secondary tool.

The payload is a part of the code, that does what we want it to. In this case, it gives us a reverse connection, downloads and executes something on a target computer. Now we are using the use command to enable the use of any tool. We want to run Evasion, so we are going to run use 1 command. When Veil-Evasion has loaded, we should see something similar to the following command:

Overview of Payloads

In the above screenshot, we can see that Veil gives us a list of commands that can run on this tool. We want to list all the available payloads, of which there are 41. In the following screenshot, we can see that each payload is divided into three parts, and we have highlighted the payloads we will be using which are 15) go/meterpreter/rev_https.py:

Overview of Payloads

The first part of the payload's name is the programming language in which the payload will be wrapped. In the preceding screenshot, we can see the language used include CS, Python, GO, C, PowerShell, and Ruby. In this example, we are going to use the go language.

The second part of the payload is the type of payload. In other words, the type of code that is going to be executed on the target network. In this example, we are going to use Meterpreter, which is a payload designed by Metasploit. Metasploit is a huge framework, and sometimes it is used for hacking. Meterpreter runs in memory, so it is difficult to detect, and it does not leave a large footprint. With Meterpreter, we can gain full access over a target computer. It allows us to navigate through the filesystem, install or download files, and much more.

The third part of the payload's name is the method that's going to be used to establish its connection. In our example, that is rev_https. Where rev stands for reverse, and https is the protocol that will be used to establish the connection. In the preceding screenshot, there are a few examples of rev_tcp, which creates a reverse TCP connection.

A reverse connection is where the target machine connects to the attacker's machine via a backdoor. This method bypass antivirus programs, because the connection is not directed at the target computer, but rather at the attacker instead. In our example, we are going to use a port 80 or 8080, that many websites use, so that the connection will appear as a harmless website connection.

Next TopicGenerating a Veil backdoor




Youtube For Videos Join Our Youtube Channel: Join Now

Feedback

Help Others, Please Share

facebook twitter pinterest

Learn Latest Tutorials

Splunk tutorial

Splunk
SPSS tutorial

SPSS
Swagger tutorial

Swagger
T-SQL tutorial

Transact-SQL
Tumblr tutorial

Tumblr
React tutorial

ReactJS
Regex tutorial

Regex
Reinforcement learning tutorial

Reinforcement Learning
R Programming tutorial

R Programming
RxJS tutorial

RxJS
React Native tutorial

React Native
Python Design Patterns

Python Design Patterns
Python Pillow tutorial

Python Pillow
Python Turtle tutorial

Python Turtle
Keras tutorial

Keras

Preparation

Aptitude

Aptitude
Logical Reasoning

Reasoning
Verbal Ability

Verbal Ability
Interview Questions

Interview Questions
Company Interview Questions

Company Questions

Trending Technologies

Artificial Intelligence

Artificial Intelligence
AWS Tutorial

AWS
Selenium tutorial

Selenium
Cloud Computing

Cloud Computing
Hadoop tutorial

Hadoop
ReactJS Tutorial

ReactJS
Data Science Tutorial

Data Science
Angular 7 Tutorial

Angular 7
Blockchain Tutorial

Blockchain
Git Tutorial

Git
Machine Learning Tutorial

Machine Learning
DevOps Tutorial

DevOps

B.Tech / MCA

DBMS tutorial

DBMS
Data Structures tutorial

Data Structures
DAA tutorial

DAA
Operating System

Operating System
Computer Network tutorial

Computer Network
Compiler Design tutorial

Compiler Design
Computer Organization and Architecture

Computer Organization
Discrete Mathematics Tutorial

Discrete Mathematics
Ethical Hacking

Ethical Hacking
Computer Graphics Tutorial

Computer Graphics
Software Engineering

Software Engineering
html tutorial

Web Technology
Cyber Security tutorial

Cyber Security
Automata Tutorial

Automata
C Language tutorial

C Programming
C++ tutorial

C++
Java tutorial

Java
.Net Framework tutorial

.Net
Python tutorial

Python
List of Programs

Programs
Control Systems tutorial

Control System
Data Mining Tutorial

Data Mining
Data Warehouse Tutorial

Data Warehouse