webshell/aspx/nishang/README.md
tennc 300ccb3c8d update Antak-WebShell aspx
Antak-WebShell
2014-07-30 17:50:54 +08:00

6.8 KiB

#Nishang

###Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security usage and during Penetraion Tests. Nishang is useful during various phases of a penetration test and is most powerful for post exploitation usage.

####Scripts Nishang currently contains following scripts and payloads.

#####Antak - the Webshell Antak

Execute powershell scripts in-memory, commands, download and upload files using this webshell.

#####Backdoors HTTP-Backdoor

A backdoor which is capable to recieve instructions from third party websites and could execute powershell scripts in memory.

DNS_TXT_Pwnage

A Backdoor which could recieve commands and powershell scripts from DNS TXT queries and execute those on target and could be controlled remotely using the queries.

Execute-OnTime

A Backdoor which could execute powershell scripts on a given time on a target.

#####Escalation Enable-DuplicateToken

When SYSTEM privileges are required.

Remove-Update

Introduce vulnerabilites by removing patches.

#####Execution Download-Execute-PS

Download and execute a powershell script in memory.

Download_Execute

Download an executable in text format, convert to executable and execute.

Execute-Command-MSSQL

Run powershell commands, native commands or SQL commands on a MSSQL Server with sufficient privileges.

Execute-DNSTXT-Code

Execute shellcode in memeory using DNS TXT queries.

#####Gather Check-VM

Check for Virtual Machine

Copy-VSS

Copy the SAM file using Volume Shadow Service.

Credentials

Fool a user to give credentials in plain text.

FireBuster FireListener

A pair of scripts for Egress Testing

Get-Information

Get juicy information from a target.

Get-LSASecret

Get LSA Secret from a target.

Get-PassHashes

Get password hashes from a target.

Get-WLAN-Keys

Get WLAN keys in plain from a target.

Keylogger

Log keys from a target.

#####Pivot Create-MultipleSessions

Check credentials on multiple computers and create PSSessions.

Run-EXEonRemote Copy and execute an executable on multiple machines.

#####Prasadhak Prasadhak

Check running hashes of running process against Virus Total database.

#####Scan Brute-Force

Brute force FTP, Active Directory, MS SQL Server and Sharepoint.

Port-Scan

A handy port scanner.

#####Powerpreter Powerpreter

All the functionality of nishang in a single script module.

#####Utility Add-Exfiltration

Add data exfiltration capability to gmail,pastebin, webserver and DNS to any script.

Add-Persistence

Add Reboot persistence capability to a script.

Remove-Persistence

Remoce persistence added by the Add-Persistence script.

Do-Exfiltration

Pipe (|) this to any script to exfiltrate the output.

Download

Download a file to the target.

Parse_Keys

Parse keys logged by the Keylogger.

Invoke-Encode

Encode and Compress a script or string.

Invoke-Decode

Decode and Decompress a script or string from Invoke-Encode.

[Base64ToString] [StringToBase64] [ExetoText] [TexttoExe]

####Usage

Use the individual scripts with dot sourcing

PS > . .\Get-Information PS > Get-Information

To get help about any script or payload, use

PS > Get-Help [scriptname.ps1] -full

Import all the scripts in current powershell session

PS > Import-Module .\nishang.psm1

####Updates

Updates about Nishang could be found at my blog http://labofapenetrationtester.com/ and my twitter feed @nikhil_mitt

####Bugs, Feedback and Feature Requests Please raise an issue if you encounter a bug or have a feature request or mail me at nikhil [dot] uitrgpv at gmail.com

#####Mailing List For feedback, discussions and feature requests join http://groups.google.com/group/nishang-users

#####Contributing I am always looking for contributors to Nishang. Please submit requests or drop me email.

#####Blog Posts

Some blog posts to check out for beginners:

http://www.labofapenetrationtester.com/2014/06/nishang-0-3-4.html

http://labofapenetrationtester.com/2012/08/introducing-nishang-powereshell-for.html

http://labofapenetrationtester.com/2013/08/powerpreter-and-nishang-Part-1.html

http://www.labofapenetrationtester.com/2013/09/powerpreter-and-nishang-Part-2.html

All posts about Nishang:

http://www.labofapenetrationtester.com/search/label/Nishang