Undetectable Windows Payload Generation
Easy to Use GUI
Upload Payload to Local WebServer
Psexec Payload to Target Machine
Automatically Runs Metasploit Listener with Correct Settings after Payload Generated
Winpayloads also comes with a few features such as UAC bypass and payload persistence. These are PowerShell files that execute on the system once the Meterpreter reverse shell connects back. The UAC bypass is written by PowerShellEmpire and uses an exploit to bypass UAC on local administrator accounts, creating a reverse Meterpreter session running as local administrator back to the attacker's machine.
Winpayloads can also set up a SimpleHTTPServer to host the payload on the network so it can be downloaded on the target machine, and it has a psexec feature that will execute the payload on the target machine when supplied with usernames, a domain, and passwords or hashes.
psexec.py – impacket example
UACBypass – PowerShellEmpire http://ift.tt/2tdEzle Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.
PowerUp – PowerShellEmpire http://ift.tt/1Pqp4qy Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.
Invoke-Shellcode http://ift.tt/2lLDnSX Copyright (c) 2012, Matthew Graeber. All rights reserved.
Invoke-Mimikatz http://ift.tt/1mPhui9 Copyright (c) 2012, Matthew Graeber. All rights reserved.
Invoke-EventVwrBypass http://ift.tt/2by3aug Matt Nelson (@enigma0x3)
Persistence – Adds payload persistence on reboot
Psexec Spray – Spray hashes until a successful connection, then psexec the payload to the target
Upload to local webserver – Easy deployment
PowerShell stager – allows invoking payloads in memory & more
git clone http://ift.tt/2cyYz6W
./setup.sh will set up everything needed for Winpayloads
Start Winpayloads: ./Winpayloads.py
Type ‘help’ or ‘?’ to get a detailed help page
setup.sh -r will reinstall