One of the most important issues any hacker must address is how to get past security devices and remain undetected. These can include antivirus software, intrusion detection systems, firewalls, web application firewalls, and numerous others. As nearly all of these devices employ a signature-based detection scheme where they maintain a database of known exploit and payload signatures, the key is to either create your own exploit, or change the signature of a known exploit or payload.

As creating your own exploit and payload is both time-consuming and requires advanced skills, the novice hacker is better served by first attempting to change the signature of the exploit and payload.

In previous tutorials, we have used both Metasploit’s msfpayload/msfencode (now deprecated) and msfvenom. In these cases, the AV developers have coded a signature for the templates these schemes use.

In this tutorial, we will look at another re-encoding scheme for hiding the signature of known payloads, known as Veil-Evasion. Veil-Evasion was specifically developed to enable you to change the signature of your payload. It is written in Python, but has numerous encoders to enable you to rewrite your code to evade detection in multiple ways.

Step 1 Install Veil-Evasion

We first need to install Veil-Evasion on our system. We can download it from the Kali repository. Simply type:

apt-get install veil-evasion

Step 2 Set Up Veil-Evasion

To start Veil-Evasion, just type:

veil-evasion

When you do so, you will be greeted with the opening screen, and Veil will begin its installation. It will ask you whether you want to install dependencies; tell it “y” for yes. Next, Veil-Evasion will begin to download all its dependencies. This can take a while, so be patient.

Eventually, Veil-Evasion will ask you whether you want to install Python for Windows. Select “Install for all users” and click the “Next” button. Use the default directory when the install wizard asks, and click “Next” on the screen that follows. Continue to click “Next” through several screens until you finally come to a window with the “Finish” button. Click it.

Eventually, your patience will be rewarded when you finally arrive at the Veil-Evasion main screen. Now we are ready to begin to use Veil-Evasion to create a nearly undetectable payload.

Step 3 Create an EXE with a Payload

In this first step, we will create a simple .exe file that will contain a payload that enables us to own the victim’s system. This file could be sent to the victim, who would then have to click on it to execute it. Generally, this type of attack will be part of a social engineering attack.

Let’s now type “list”, as this will list all of the payloads that Veil-Evasion can work with. Those of you who are familiar with Metasploit will recognize many of these payloads.