Introduction to Avyukt Exploitation Framework

  • Posted by Vedant
  • Date September 23, 2020
Hello Hackers!

 

I hope you all are fine and doing safe in this pandemic! So, I made a framework in Python which can be used to generate malicious payloads and gain remote access to target machines.
In this article I’m going to show you how to install it and use it to generate a backdoor and hack a target computer. Please keep in mind that the framework is only made for educational purposes, I won’t be responsible for any illegal activities. The Framework is still under Beta development, better features are going to be added soon!

Setting Up Avyukt:

In order to use the Framework, you need to clone it from the GitHub repository, use this command to clone the framework from GitHub.
git clone https://github.com/Vedant-Bhalgama/Avyukt

 

Navigate to the directory where you have cloned the Framework and run these commands first.
sudo apt-get update
pip install pyfiglet
pip install colorama

 

Now, Navigate to the Avyukt_Setup directory to run the setup file before using the framework. Use this command to run the setup.py file.

cd Avyukt_Setup
python setup.py

 

Be patient, It will take some time to Install all required dependencies and modules required by the Framework.

After the setup finishes, You are ready to go! Go back to the directory where you Avyukt is present and give it a shoot!

cd ..
python Avyukt.py

 

You will see something like this once you run the Framework. Also, A new directory called Output will be created If you run the Framework for this first time.

 

Generating a backdoor using Avyukt

Now let’s start doing the main point which is generating a Malicious Payload! You will see 4 Options here as follows

Evasion
Listener
Help
Exit

 

Use the first option – Evasion – to generate a backdoor,  type 1 and press enter!
You will get a list of all the payloads that you can use, type the number of the payload that you want.

 

We are going to use the first payload which is python/Avyukt/reverse_tcp. Type 1 and enter!

 

Now, All you have to do is give the backdoor a nice name, set the LHOST (Local IP) and LPORT (Listening port) and you’re good to go.

You can also type y for the next question to add an icon and it’ll ask you to input the path to your icon.

Now, it is going to Obfuscate the script and compile it to a Windows Executable on using wine.

Once the payload is compiled successfully, you’ll see the backdoor in Output/dist .

Now the framework will ask if you want to start the default handler for the selected payload to listen for connections, all you have to do is type y, set the LHOST and LPORT and it’ll do the rest for you!

Now, You can use any of the web delivery techniques like using the Apache Web Server or using the SimpleHTTPServer in Python. I have used SimpleHTTPServer of Python here.

Testing the backdoor

Now when you run the backdoor on a target machine you’ll get a prompt like this, don’t Worry! all you have to do is that click on “More Info” and click on “Run anyway”. This prompt comes because the backdoor which is an executable file doesn’t have a valid certificate.

 

If you go back to Kali Linux, You will see that you will have a new connection!

Now, You can execute system commands like dir, cd, or any other command. You can also use the help command to get a list of commands available for the payload! for now there are less commands as the framework is still under development. More features will be added soon.

Vedant
Vedant

Passionate In Penetration Testing, Ethical Hacking and Information Security.

You may also like

PwnTools
Introduction to PwnTools
4 November, 2024
Buffer-Overflows-Rewriting-EIP-to-Control-Execution
Buffer Overflows: Rewriting EIP to Control Execution
1 November, 2024
Track Down a Picture’s Location Easily
Track Down a Picture’s Location Easily
30 October, 2024

    6 Comments

  1. Nagasaikumar
    September 25, 2020

    it is showing me an error when i run python setup.py its showing me
    “”””Traceback (most recent call last):
    File “setup.py”, line 8, in
    from colorama import Fore
    ImportError: No module named colorama””

    how to fix this and i run all the commands before as shown

    • Vedant
      Vedant Bhalgama
      September 25, 2020

      This is why I tell PEOPLE TO READ THE WHOLE ARTICLE, Please read above I have already mentioned that before running the setup.py file, Run these 2 commands

      pip install colorama
      pip install pyfiglet

  2. ritesh
    September 25, 2020

    i am getting the exe file……. please help

    • Vedant
      Vedant Bhalgama
      September 28, 2020

      I think you mailed me about this issue and we have already resolved it there, Why are you asking again and again?

  3. [email protected]
    October 1, 2020

    Is it possible to use this with python 3? Python 2 is EOL and we really shouldn’t be forcing people to use it, especially with respect to security.

    • Vedant
      Vedant Bhalgama
      October 2, 2020

      Yes! I am converting the platform to Python3 soon! For now, You will have to use Python2!

Leave A Reply