Winpayloads – Undetectable Windows Payload Generation

Winpayloads is a payload generator tool that uses Metasploit's Meterpreter shellcode, injects the user's IP and port into the shellcode and writes a Python file that executes the shellcode using ctypes. This is then AES encrypted and compiled to a Windows executable using PyInstaller.

Main features:

Undetectable Windows Payload Generation

Easy to Use GUI

Upload Payload to Local WebServer

Psexec Payload to Target Machine

Automatically Runs Metasploit Listener with Correct Settings after Payload Generated

Winpayloads also comes with a few features such as UAC bypass and payload persistence. These are PowerShell files that execute on the system when the Meterpreter gets a reverse shell. The UAC bypass is written by PowerShellEmpire and uses an exploit to bypass UAC on local administrator accounts and creates a reverse Meterpreter running as local administrator back to the attacker's machine.

Winpayloads can also set up a SimpleHTTPServer to put the payload on the network to allow downloading on the target machine and also has a psexec feature that will execute the payload on the target machine if supplied with usernames, domain, passwords or hashes.

psexec.py – impacket example

Features

UACBypass – PowerShellEmpire http://ift.tt/2tdEzle Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.

PowerUp – PowerShellEmpire http://ift.tt/1Pqp4qy Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.

Invoke-Shellcode http://ift.tt/2lLDnSX Copyright (c) 2012, Matthew Graeber. All rights reserved.

Invoke-Mimikatz http://ift.tt/1mPhui9 Copyright (c) 2012, Matthew Graeber. All rights reserved.

Invoke-EventVwrBypass http://ift.tt/2by3aug Matt Nelson (@enigma0x3)

Persistence – Adds payload persistence on reboot

Psexec Spray – Spray hashes until successful connection and psexec payload on target

Upload to local webserver – Easy deployment

PowerShell stager – allows invoking payloads in memory & more
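
An added example for defenders, not part of the original post or of the Winpayloads project: the Psexec Spray feature and the impacket psexec.py execution described above tend to leave a sequence in Windows logs of several failed logons from one source, then a network logon, then a service installation on the same host. The event dictionaries, field names, host names and thresholds below are constructed for illustration; only the event IDs (4625, 4624, 7045) are real Windows identifiers.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs), reduced to the fields the rule uses.
# 4625 = failed logon, 4624 = successful logon (type 3 = network),
# 7045 = a service was installed on the host.
EVENTS = [
    {"time": "2024-01-01T10:00:01", "id": 4625, "host": "WS01", "src": "10.0.0.5", "user": "alice"},
    {"time": "2024-01-01T10:00:02", "id": 4625, "host": "WS01", "src": "10.0.0.5", "user": "bob"},
    {"time": "2024-01-01T10:00:03", "id": 4625, "host": "WS01", "src": "10.0.0.5", "user": "carol"},
    {"time": "2024-01-01T10:00:04", "id": 4625, "host": "WS01", "src": "10.0.0.5", "user": "erin"},
    {"time": "2024-01-01T10:00:05", "id": 4624, "host": "WS01", "src": "10.0.0.5", "user": "dave", "logon_type": 3},
    {"time": "2024-01-01T10:00:07", "id": 7045, "host": "WS01", "service": "ExampleSvc"},
    # Benign: one mistyped password, then a normal logon, no service install.
    {"time": "2024-01-01T11:00:00", "id": 4625, "host": "WS02", "src": "10.0.0.9", "user": "frank"},
    {"time": "2024-01-01T11:00:20", "id": 4624, "host": "WS02", "src": "10.0.0.9", "user": "frank", "logon_type": 3},
    # Benign: software install with no preceding logon failures.
    {"time": "2024-01-01T12:00:00", "id": 4624, "host": "WS03", "src": "10.0.0.7", "user": "admin", "logon_type": 3},
    {"time": "2024-01-01T12:01:00", "id": 7045, "host": "WS03", "service": "UpdaterSvc"},
]

def detect_spray_then_service(events, min_failures=3, window=timedelta(minutes=5)):
    """Flag hosts where repeated failed logons from one source are followed,
    within `window`, by a network logon from that source and a service install."""
    by_host = defaultdict(list)
    for e in events:
        by_host[e["host"]].append({**e, "time": datetime.fromisoformat(e["time"])})
    hits = []
    for host, evs in by_host.items():
        evs.sort(key=lambda e: e["time"])
        for i, ok in enumerate(evs):
            if ok["id"] != 4624 or ok.get("logon_type") != 3:
                continue
            fails = [e for e in evs[:i] if e["id"] == 4625
                     and e["src"] == ok["src"] and ok["time"] - e["time"] <= window]
            svcs = [e for e in evs[i + 1:] if e["id"] == 7045
                    and e["time"] - ok["time"] <= window]
            if len(fails) >= min_failures and svcs:
                hits.append({"host": host, "src": ok["src"], "user": ok["user"],
                             "failures": len(fails), "service": svcs[0]["service"]})
    return hits

if __name__ == "__main__":
    for hit in detect_spray_then_service(EVENTS):
        print(hit)
```

The 7045 event carries no source address, so the rule correlates it by host and time only; tune `min_failures` and `window` to the environment's normal logon noise.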

Getting Started

git clone http://ift.tt/2cyYz6W

cd winpayloads

./setup.sh will set up everything needed for Winpayloads

Start Winpayloads: ./Winpayloads.py

Type ‘help’ or ‘?’ to get a detailed help page

setup.sh -r will reinstall

Download Winpayloads
