
Mavoc Tool Walkthrough

Mavoc is a tool used to pentest various Windows machines using PowerShell scripts.

⚠️ Note: The tool is in development, and I have decided to write this complete tool in Rust 🦀 for better runtime and new features.

REAL HACKERS HACK TIME ...

Introduction

Mavoc is a tool used to pentest Windows and Linux machines, with its main focus on pentesting Windows. It is made with C++ and PowerShell, and the server is written in Python and Go. The tool is easy to use and the payloads can be modified for your needs. It automates various scripts to attack Windows-based systems, and you can add your own scripts for CTFs, attacking, debugging and so on, depending on your needs.

Installation

The tool can be used to get a reverse shell in 3 different ways: SSH-Kench aka RSSH (Rev SSH), Python, and Low Func C++ (coming soon).

git clone https://github.com/Whitecat18/Mavoc
bash install.sh (or) 
chmod +x install.sh ; ./install.sh
./mavoc

The Mavoc menu lists the options SSH Hack, Python-Exin and Low-Func. For now only 2 of them, SSH-Kench and Python-Exin, are available.

Select the method you need.

A network connection is needed for the PowerShell Bible.

What is the difference between SSH-Kench and Python-Exin?

  • SSH-Kench is more stable: even if you disconnect or shut down the server, when you start the server again with the same settings the victim can connect again.

  • SSH-Kench is well suited to large attacks and provides a stable connection.

  • Python-Exin is a PowerShell payload prompter that alters (i.e. modifies) the pre-payload. Pasting the prompted payload script into a PowerShell console leads to a reverse shell.

  • Python-Exin is not good for stability and cannot be used for large tasks and attack processes.

  • Python-Exin is an older version of the Villain tool, which I modified and kept for my personal use. Now I am adding it into the tool.

Working Methodology

First you will be prompted to enter the shell; select the one you need.

Type exit to leave the server.

After entering SSH-Kench, enter your IP address and choose the method to perform. The IP address is stored in the ip_addr file, which is given as input to the server.

You can start the server later by answering (n); to start it, use the start server command. Type help for more info.

Mavoc payload commands.

generate windows payload alters and gives you the PowerShell payload.

generate linux payload gives you the bash payload.

connect server opens a new tmux server and connects to the server using SSH.

After executing the payload given by Mavoc, you will get a connection in the mavoc-shell.

The Mavoc server supports tab completion: use connect to connect to machines and press the Tab key to autocomplete.

Attacking Linux.

Open SSH-Kench and generate the payload using generate linux payload. Execute it in the shell and exit.

Execute the payload in the Linux shell and exit.

Check the mavoc-shell and connect.

Short video demo.

Using Python-Exin.

Using Exin is pretty easy. Select option 2 and type help to see the commands. For more features, you can type them manually.

Copy the payload and execute it in the Linux distro.

Type sessions and connect using shell <session ID>. Type help for info on Mavoc Exin.

Attacking Windows.

So the main part begins 👿. Let's do it.

Run generate windows payload, copy the payload, and use your tricks and tips to deliver it.

Copy the PowerShell payload and execute it on the victim machine.

After that, check your server to see whether you got an (RSSH) reverse shell connection. Use the ls command to check that it works, then type connect and press the Tab key to autocomplete the connection.

Demo video.

Tips: use the direct method or, my favourite part, use a Rubber Ducky or ATTINY85 Digispark to execute the payload, or bind the payload string to any known software, program or OS module to execute it.

Using the PowerShell Bible.

The PowerShell Bible consists of 20+ advanced attacking and enumeration commands that execute in the mavoc-shell, i.e. in the tmux shell. Some scripts have not been added because it would be unfair to execute such scripts against users. The scripts are in test mode and will be added once they are compatible with all Windows machines.

The PowerShell Bible is only for Windows operating systems. Use ps bible to load the PowerShell modules.

After getting a connection from the victim, execute ps bible. Type help for more info.

ps bible can be used to deliver PowerShell scripts that perform actions.

For example, if you need to see the installed applications on the victim PC, you can drop a PowerShell script: just type list exe apps to list them.

Tip: there is a nice trick to get an admin shell using the get admin shell command.

Copy the above script and paste it into the mavoc-shell (i.e. the tmux shell). Executing it will send a UAC access permission prompt ;)

If the user allows it, you will get an (admin reverse shell) 👿

This is a bit hard, because many people won't allow it. You can use send msg box to send social-engineering messages to the victim ;). I got one of my teacher's (admin shell) like that ;)

You can check whether you got an admin shell by executing check if admin in ps bible.

Demo video.

How to copy text from the mavoc-shell (tmux) to the clipboard!

  1. Enter Copy Mode: Press Ctrl + b (the default tmux prefix) followed by [ to enter copy mode. This is similar to scrolling mode and allows you to navigate and select text.

  2. Navigate and Select Text: Once you're in copy mode, you can use the arrow keys, Page Up, Page Down, and other navigation keys to move around and select the text you want to copy. To start selecting, move the cursor to the beginning of the text you want to copy.

  3. Begin Selection: Press Space to start selecting text. Move the cursor to highlight the desired text.

  4. Copy Text: After selecting the text, press Enter to copy the selected text to the clipboard.

  5. Exit Copy Mode: Press q to exit copy mode. You'll be back in the normal tmux session.

  6. Paste Text: You can now paste the copied text outside the tmux session using the usual paste command for your terminal emulator (usually Ctrl + Shift + v or right-click and select "Paste").

For the complete tutorial, you can check this blog.
