winpayloads Charlie Dean updates - Undetectable Windows Payload Generation.

Latest change 29/4/2016:
+ WinPayloads.py: Massive update, modular menu.
+ Added new PowerShell menu:
1: Windows_Interactive_Reverse_Powershell_Shell
2: Windows_Reverse_Powershell_ScreenWatch
3: Windows_Reverse_Powershell_Asks_Creds
+ Splash screen fix.

WinPayloads is an undetectable Windows payload generation tool with extras, running on Python 2.7.
Requirements:
+ Metasploit Framework
+ python 2.7.X


Menu:
* Payload:
+ Shellter
– Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE infector ever created
– It can be used in order to inject shellcode into native Windows applications (32-bit only)
– https://www.shellterproject.com/introducing-shellter/

+ UAC Bypass
– This module only works on local administrator accounts
– Using this module, PowerShellEmpire’s UAC Bypass will execute on the target
– This will bypass UAC and create another session running as administrator
– https://github.com/PowerShellEmpire/Empire

+ Priv Esc checks
– Using this module, PowerShellEmpire’s PowerUp AllChecks will execute on the target
– This will find common privesc vulnerabilities on the target
– https://github.com/PowerShellEmpire/Empire

+ Persistence
– This module will run a powershell script on the target
– Persistence adds registry keys and an entry in the startup folder so that the payload runs automatically every time the target boots

* Modules:
+ Windows Reverse Shell
– This payload will give the attacker a stageless reverse tcp shell
– A listener will be automatically started using NetCat
– Shellter is the only available module for this payload

+ Windows Reverse Meterpreter
– This payload will give the attacker a staged reverse tcp meterpreter shell
– A listener will be automatically started using Metasploit
– All MODULES are available for this payload

+ Windows Bind Meterpreter
– This payload will give the attacker a staged bind tcp meterpreter shell
– Connection to the bind port will be automatically started using Metasploit
– All MODULES are available for this payload

+ Windows Reverse Meterpreter HTTPS
– This payload will give the attacker a staged reverse HTTPS meterpreter shell
– A listener will be automatically started using Metasploit
– All MODULES are available for this payload

+ Windows Reverse Meterpreter DNS
– This payload will give the attacker a staged reverse tcp meterpreter shell with DNS name resolution
– Good for dynamic IP addresses and persistence payloads
– A listener will be automatically started using Metasploit
– All MODULES are available for this payload

* Deployment
+ SimpleHTTPServer
– The payload will be hosted locally on an HTTP server

+ Psexec and Spraying
– Spray hashes to find a vulnerable target
– Psexec the payload to the target
– Runs as SYSTEM
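
For defenders, the two autorun locations named under the Persistence module (registry keys and the startup folder) are the places to watch. The following is an added example, not part of WinPayloads or the original page: it triages constructed registry-write and file-create events for new autorun entries. It assumes the standard Run/RunOnce keys and the Startup folder, plus a simplified, hypothetical event schema.

```python
import re

# Well-known Windows autorun locations. Assumption: the page does not say
# which keys or folder the Persistence module actually writes to.
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe"}

# Constructed sample events in a simplified, hypothetical schema:
# (event kind, image of the writing process, registry value or file path).
SAMPLE_EVENTS = [
    ("registry_set", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     r"HKU\S-1-5-21-EXAMPLE\Software\Microsoft\Windows\CurrentVersion\Run\Updater"),
    ("file_create", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe"),
    ("registry_set", r"C:\Program Files\Vendor\setup.exe",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray"),
    ("registry_set", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     r"HKCU\Software\Example\Settings\Theme"),
    ("file_create", r"C:\Windows\explorer.exe",
     r"C:\Users\alice\Documents\notes.txt"),
]


def classify(kind, image, target):
    """Return (location, severity) for an autorun write, else None."""
    if kind == "registry_set" and RUN_KEY.search(target):
        location = "run-key"
    elif kind == "file_create" and STARTUP_DIR.search(target):
        location = "startup-folder"
    else:
        return None
    # A script host creating an autorun entry is rarer than an installer
    # doing so, so it is ranked higher for triage.
    writer = image.rsplit("\\", 1)[-1].lower()
    return location, "high" if writer in SCRIPT_HOSTS else "review"


def find_autorun_writes(events):
    """Return (location, severity, target) for every autorun write found."""
    hits = []
    for kind, image, target in events:
        verdict = classify(kind, image, target)
        if verdict:
            hits.append((*verdict, target))
    return hits


if __name__ == "__main__":
    for location, severity, target in find_autorun_writes(SAMPLE_EVENTS):
        print(f"[{severity}] {location}: {target}")
```
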

Usage:

Source: https://github.com/Charliedean