PowerShell – Download and execute .exe

Here’s a simple script that will download and run an executable file from within PowerShell. First let’s serve up the file from our host machine. We can do this very quickly with Python. Go to the directory where the file is stored, right-click and start a terminal from there. This will put you in a…

Evade Virus Scanners MSFVenom Payload Generator – CatchYou2

So in my efforts to find various ways of encoding MSFVenom payloads to evade virus detection and Windows Defender, I came across CatchYou-2, an updated version of CatchYou. It is available on GitHub at https://github.com/SrMilton/CatchYou-2. I have been able to generate payloads that, when uploaded to https://antiscan.me, were detected by only 1 out of 26 virus scanners (https://antiscan.me/scan/new/result?id=LvjTqXSJNb9C).

Editing a file in VIM editor

In a previous article we connected with a target machine using Metasploit and a payload created using msfvenom. We then uploaded a text file to that machine. In this article we will look at the edit command in Metasploit, and how to use it. So let’s imagine we are already connected and in the directory that…

Creating a simple payload with msfvenom

In order to establish a connection between Metasploit and your target machine, it is necessary to create a payload. The payload is a program that contains malicious code to allow a backdoor between you and the target machine. Creating the payload is relatively easy using msfvenom. What is difficult is getting the payload onto the…

Bypassing UAC in Windows 10

Utilizing Meterpreter we have started a session with our target machine. The machine is running Windows 10, and we need to gain administrator privileges. If you try using the usual getsystem command, it fails with an error. Usually you can utilize the bypassuac module, but I have experienced that this also fails with a message…