Welcome to 2016! For the first post/release of the year, I’m happy to push out a new language! First, I will preface this release by stating my politically correct opinion that Perl, is not fun. However, that doesn’t mean it isn’t viable for writing shellcode injectors!
This month, I’m pushing out the standard “flat” shellcode injection template for perl, which lets you generate perl shellcode injectors. However, if you run this module, you’re going to see something different than the other modules Veil-Evasion currently supports, right now there’s no native Windows compilation within Kali.
As of this release, I have not yet been able to get all the required dependencies installed within Wine and working. There is a workaround, similar to our Python Py2Exe output, you can “compile” this perl script into a self-contained Windows executable by using a Windows VM. While not the most ideal, I personally am always running a Windows VM in addition to a linux one while on tests, so I would imagine many of you follow a similar setup.
To generate a Windows executable, there’s a couple steps you’ll need to follow:
- Generate your perl payload like you would any other Veil-Evasion payload. Once Veil-Evasion is done, you’re going to receive the source code output (like normal), but no executable.
- Move the perl script over to your Windows VM (tested on Windows XP x32 and Windows 7 x64).
- Install Perl (x32) on your windows VM (I’ve personally tested this process using the latest x32 Strawberry Perl build).
- Once Perl has been installed, open a command prompt and run “cpan PAR::Packer”
- This step will take a little while, and will require an internet connection
- Navigate to your .pl Veil-Evasion output within a command prompt and type “pp –gui -o <output_name_here.exe> <veil-evasion_perl_output.pl>”
You now have your Perl executable!
I realize this isn’t the most ideal setup, but I’d rather we have the ability to generate these payloads vs. hold back on the release. I’ll continue to look into finding a way to make this work within Wine, but if anyone wants to help figure this out, it would definitely be appreciated :)
Anyways, hope that this helps, and happy new year!