Integrating the Veil-Framework Into Your Own Tools

With our movement towards making Veil a true framework, we’ve tried to make the code as modular and extensible as possible. We’ve also tried out best to make Veil-Evasion and Veil-Catapult scriptable with command line flags for almost every options. However, it’s also simple to integrate various aspects of Veil-Evasion into your own python projects at a code/library level. This is what Veil-Catapult effectively does for payload and shellcode generation, and we wanted to detail how you can do the same for your python code base.

First, you need to pull in Veil-Evasion’s installation location and other configuration information. The easiest way is with Veil’s common confirmation file at /etc/veil/

import settings

The module tree should all be importable, including any of the payload modules from  ./modules/payloads/* as well as the common functions in ./modules/common/*.

To take advantage of Veil-Evasion’s shellcode generation, creating a modules.common.shellcode object and then calling the generate() method will drop users into the interactive shellcode-generation menu, spitting back out the resulting shellcode string after all options are set. You can also manually set the msfpayload and options:

from modules.common import shellcode
sc = shellcode.Shellcode()
if args.msfpayload:
    sc.SetPayload([args.msfpayload, args.msfoptions])
code = sc.generate()

If you want to invoke Veil-Evasion’s full menu structure and get the path of the compiled .exe back out, the controller object is what you want:

from modules.common import controller
con = controller.Controller()
exePath = con.MainMenu()

If you want the code from a particular module, that’s easy as well:

from modules.payloads.powershell.shellcode_inject import virtual
p = virtual.Payload()
code = p.generate()

If you’re interested in more detailed use, check out the code for Veil-Catapult, and let us know if you run into any problems, or have any ideas that you might think fit in with the project.


Leave a Reply