SneakyEXE : Embedding “UAC-Bypassing” Function Into Your Custom Payload

SneakyEXE is a tool that embeds a UAC-bypassing function into your custom Win32 payloads (x86_64 architecture specifically).

  • Tested on Windows 7, 8 and 10 (64-bit)
  • Free and open source, with the full source code published

Requirements

                      Linux        Windows
Architecture          Optional     x86_64
Python 3.x or higher  YES          NO
Module                termcolor    NO
Distros               Any          Windows
Version               Any          Windows 7, 8, 10


Usage

[ Linux ]:

This tool requires a Python module called termcolor. The script installs it automatically the first time it runs if it is missing, but if you want the tool to start faster, install it manually before proceeding:

$ pip3 install termcolor #installing termcolor

$ #Temporary usage only, installation below
$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE/Linux
$ chmod +x sneakyexe.py
$ ./sneakyexe.py <option>=<path to payload/code> out=<output path>

[ Windows ]:

  • visit https://github.com/Zenix-Blurryface/SneakyEXE
  • Download the repository, “clone or download” -> “Download ZIP”
  • Unzip it into a directory of your choice
  • Change dir to \SneakyEXE\Win32\
  • Execute sneakyexe.exe ( or sys\sneakyexe.exe for an improved startup speed )
  • ( Optional : you can copy sneakyexe.exe to whatever directory you want and delete the unzipped one )

– NOTE – The payload can only be executed successfully by a user who holds Administrator privilege (a member of the Administrators group running under UAC's filtered token). Users with a limited, standard-user token will not succeed.
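Because the note above ties the payload to admin-group accounts running under UAC, the first thing a defender wants to know is whether a host's UAC policy still permits silent auto-elevation at all. The following PowerShell is an added defensive check, not part of SneakyEXE or its repository; it reads Microsoft's documented UAC policy values from the registry and reports the weak settings, and the function name Test-UacPosture is an assumption of this example.

```powershell
# Added defensive check, not part of SneakyEXE: summarise a host's UAC posture.
# Key and value names are Microsoft's documented UAC policy settings.
function Test-UacPosture {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p = Get-ItemProperty -Path $key
    $findings = @()

    # EnableLUA = 0 turns UAC off: every admin logon already runs fully elevated.
    if ($p.EnableLUA -eq 0) {
        $findings += 'UAC is disabled (EnableLUA=0)'
    }

    # ConsentPromptBehaviorAdmin: 0 = elevate silently, 5 = default (signed
    # Windows binaries auto-elevate without a prompt), 1-4 = always prompt.
    # "Always notify" (value 2 with PromptOnSecureDesktop=1) removes the
    # auto-elevation that a UAC-bypassing payload relies on.
    switch ($p.ConsentPromptBehaviorAdmin) {
        0       { $findings += 'Admins elevate without any prompt (ConsentPromptBehaviorAdmin=0)' }
        5       { $findings += 'Auto-elevation of Windows binaries allowed (ConsentPromptBehaviorAdmin=5)' }
        default { }   # 1-4: every elevation prompts, so auto-elevation is off
    }

    # Prompts shown on the normal desktop can be interacted with by other processes.
    if ($p.PromptOnSecureDesktop -eq 0) {
        $findings += 'Elevation prompts are not on the secure desktop (PromptOnSecureDesktop=0)'
    }

    # Is this session already elevated? With a full admin token there is nothing left to bypass.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $elevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

    [pscustomobject]@{
        EnableLUA                  = $p.EnableLUA
        ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin
        PromptOnSecureDesktop      = $p.PromptOnSecureDesktop
        SessionElevated            = $elevated
        Findings                   = $findings
    }
}

# Run it and print the result; an empty Findings list means "Always notify" or stricter is in force.
Test-UacPosture | Format-List
```

Setting the slider to "Always notify" (or having admins work from standard-user accounts and elevate with separate credentials) is the configuration that leaves such payloads with no auto-elevation to abuse.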

Installation

[ Linux ]:

$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE
$ chmod +x install.sh
$ sudo ./install.sh

[ Windows ]:

  • UNAVAILABLE
  • ( Planned if there is enough demand )

Build

  • Built on openSUSE Leap 15.0
  • Developed using Python 3.6.5
  • Developed with gcc (MinGW.org GCC-8.2.0-3) 8.2.0 for the payload compilation

[ Payload Embedding ]
  • In order to build the elevator from source, you will need gcc 8.2.0 ( C11 ) and an AMD64 machine with Windows 10 (7/8) 64-bit installed.

# Windows 10/7/8 (AMD64)
# Open cmd.exe / powershell.exe
>> gcc -mwindows -o <output>.exe /source/main.c

[ GUI Version ]
  • In order to build the GUI version from source, you will need Python 3.5.6 ( or higher ) with the Pyinstaller and Pillow modules, and an AMD64 machine with Windows 10 (7/8) 64-bit installed.

# Assume we already had Python preinstalled
# Open cmd.exe / powershell.exe
>> pip install pillow # Installing Pillow
>> pip install pyinstaller # Installing Pyinstaller
>> mkdir compile # Optional directory name
>> cd compile
>> pyinstaller --windowed --onefile --icon=Icon.ico /source/Win32/GUI.py
# For the systematic version ( /sys ), remove --onefile
>> cd dist
>> GUI.exe # The compiled executable :}

Disclaimer

  • This tool was made for academic purposes or ethical cases only. I ain’t taking any responsibility upon your actions if you abuse this tool for any black-hat activity
  • Feel free to use this project in your software, just don't claim ownership of it.
R K
