Winpayloads – Undetectable Windows Payload Generation

Use Netsparker


Winpayloads is a tool to provide undetectable Windows payload generation with some extras running on Python 2.7.

Winpayloads - Undetectable Windows Payload Generation

It provides persistence, privilege escalation, shellcode invocation and much more. The tool uses metasploits meterpreter shellcode, injects the users IP and port into the shellcode and writes a python file that executes the shellcode using ctypes. This is then AES encrypted and compiled to a Windows Executable using pyinstaller.


Features

  • UACBypass – PowerShellEmpire
  • PowerUp – PowerShellEmpire
  • Invoke-Shellcode
  • Invoke-Mimikatz
  • Invoke-EventVwrBypass
  • Persistence – Adds payload persistence on reboot
  • Psexec Spray – Spray hashes until successful connection and psexec payload on target
  • Upload to local webserver – Easy deployment
  • Powershell stager – allows invoking payloads in memory & more

Winpayloads also comes with a few features such as UAC bypass and payload persistence. These are powershell files that execute on the system when the meterpreter gets a reverse shell. The UAC bypass is written by PowerShellEmpire and uses an exploit to bypass UAC on local administrator accounts and creates a reverse meterpreter running as local administrator back to the attackers machine.

Winpayloads can also setup a SimpleHTTPServer to put the payload on the network to allow downloading on the target machine and also has a psexec feature that will execute the payload on the target machine if supplied with usernames,domain,passwords or hashes.

Installation

  1. git clone https://github.com/nccgroup/winpayloads.git
  2. cd winpayloads
  3. ./setup.sh will setup everything needed for Winpayloads
  4. Start Winpayloads ./Winpayloads.py
  5. Type ‘help’ or ‘?’ to get a detailed help page

You can download Winpayloads here:

Winpayloads-master.zip

Or read more here.

Posted in: Hacking Tools

,


Latest Posts:


Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.


Comments are closed.