GreatSCT: generate application white list bypasses – Penetration Testing

GreatSCT

An Application Whitelisting Bypass Tool

Download

git clone http://ift.tt/2vUhimw

Usage

python3 gr8sct.py

The first screen you’ll see is this menu.

Select the payload you wish to generate by name or its number, help for help, and menu at any time to get back here.

For single payload generation you will find the follwing with with values pointing to your C&C to fill out.

These can be set using set variable value syntax

Or by entering variable name/# itself, which gives more hints about the expected value

help gives more info as well

\n because I hate markdown

Once the correct values have been set generate to build your payload.

The payload (shellcode.xml in this case) appears in the root directory.
The devs should fix this so you can specify an output folder, but they are lazy.

For network testing purposes use generateAll from the inital menu

The bottom values are those which are common to multiple payloads. This lets you easily set your C&C values for all the payloads.

When it’s all set generate and you’ll find your payloads in ./GenerateAll/

A script to automatically execute each payload is pending (eta 2034).
For now, drop the folder onto the representative box, execute payloads one by one, and note which are blocked, which generate alerts, and which make it through undisturbed.

Source: Github

The post GreatSCT: generate application white list bypasses appeared first on Penetration Testing.

http://ift.tt/2v1vxd3 http://ift.tt/2aM8QhC

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s