Winpayloads – Undetectable Windows Payload Generation

Winpayloads is a payload generator that takes Metasploit's Meterpreter shellcode, injects the user's IP address and port into it, and writes a Python file that executes the shellcode using ctypes. The file is then AES-encrypted and compiled to a Windows executable using PyInstaller.
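
For triage of an executable built the way this paragraph describes, the following added example (not code from Winpayloads or from the original page) checks a file's bytes for the PyInstaller CArchive cookie and parses it, so an analyst knows the file is a PyInstaller bundle and where the embedded archive starts. It assumes the PyInstaller 2.1+ cookie layout; the function names and the sample bytes are constructed for illustration.

```python
import struct
from typing import Optional

# CArchive cookie written at the end of a PyInstaller bundle (2.1+ layout):
# magic, package length, TOC offset, TOC length, Python version, libpython name.
MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
COOKIE = struct.Struct("!8sIIii64s")


def find_pyinstaller_cookie(data: bytes) -> Optional[dict]:
    """Return parsed cookie fields if data looks like a PyInstaller bundle."""
    pos = data.rfind(MAGIC)  # the cookie sits near the end of the file
    while pos != -1:
        if pos + COOKIE.size <= len(data):
            _, pkg_len, toc_off, toc_len, pyver, lib = COOKIE.unpack_from(data, pos)
            # Sanity checks keep a chance occurrence of the magic from being reported.
            archive_start = pos + COOKIE.size - pkg_len
            if archive_start >= 0 and toc_off + toc_len <= pkg_len and pyver > 0:
                # Version is stored as 27 for 2.7 or 310 for 3.10.
                major, minor = divmod(pyver, 100) if pyver >= 100 else divmod(pyver, 10)
                return {
                    "archive_start": archive_start,
                    "toc_offset": archive_start + toc_off,
                    "toc_length": toc_len,
                    "python": f"{major}.{minor}",
                    "libname": lib.rstrip(b"\x00").decode("ascii", "replace"),
                }
        pos = data.rfind(MAGIC, 0, pos)  # try an earlier occurrence
    return None


def constructed_sample() -> bytes:
    """Constructed stand-in for a bundle: fake stub + archive body + cookie."""
    stub = b"MZ" + b"\x00" * 62        # not a real PE, just leading bytes
    body, toc = b"A" * 32, b"T" * 16   # placeholder archive data and TOC
    pkg_len = len(body) + len(toc) + COOKIE.size
    cookie = COOKIE.pack(MAGIC, pkg_len, len(body), len(toc), 27, b"python27.dll")
    return stub + body + toc + cookie


if __name__ == "__main__":
    print(find_pyinstaller_cookie(constructed_sample()))
```

A hit only says the file was packaged with PyInstaller, which many legitimate programs are; it tells the analyst to unpack the archive and inspect the embedded script rather than treat the file as an opaque binary.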

Main features:
  • Undetectable Windows Payload Generation
  • Easy to Use GUI
  • Upload Payload to Local WebServer
  • Psexec Payload to Target Machine
  • Automatically Runs Metasploit Listener with Correct Settings after Payload Generated

Winpayloads also comes with a few features such as UAC bypass and payload persistence. These are PowerShell files that execute on the system when the Meterpreter gets a reverse shell. The UAC bypass is written by PowerShellEmpire; it uses an exploit to bypass UAC on local administrator accounts and creates a reverse Meterpreter session, running as local administrator, back to the attacker's machine.

Winpayloads can also set up a SimpleHTTPServer to put the payload on the network so it can be downloaded on the target machine. It also has a psexec feature that will execute the payload on the target machine if supplied with usernames, domain, passwords or hashes.

psexec.py – Impacket example

Features

  • UACBypass – PowerShellEmpire http://ift.tt/2tdEzle Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.
  • PowerUp – PowerShellEmpire http://ift.tt/1Pqp4qy Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.
  • Invoke-Shellcode http://ift.tt/2lLDnSX Copyright (c) 2012, Matthew Graeber. All rights reserved.
  • Invoke-Mimikatz http://ift.tt/1mPhui9 Copyright (c) 2012, Matthew Graeber. All rights reserved.
  • Invoke-EventVwrBypass http://ift.tt/2by3aug Matt Nelson (@enigma0x3)
  • Persistence – Adds payload persistence on reboot
  • Psexec Spray – Spray hashes until successful connection and psexec payload on target
  • Upload to local webserver – Easy deployment
  • PowerShell stager – allows invoking payloads in memory & more

Getting Started

  1. git clone http://ift.tt/2cyYz6W
  2. cd winpayloads
  3. ./setup.sh will set up everything needed for Winpayloads
  4. Start Winpayloads ./Winpayloads.py
  5. Type ‘help’ or ‘?’ to get a detailed help page

  setup.sh -r will reinstall

from KitPloit – PenTest Tools! http://ift.tt/2uN99Rf
