SneakyEXE is a tool which helps you embedding UAC-Bypassing function into your custom Win32 payloads ( x86_64 architecture specifically )
Requirements
Linux | Windows | |
---|---|---|
Architecture | Optional | x86_64 |
Python 3.x > | YES | NO |
Module | termcolor | NO |
Distros | Any | Windows |
Version | Any | Windows 7,8,10 |
Also Read – Slackor : A Golang Implant That Uses Slack As A Command & Control Server
Usage
[ Linux ]:
This tool does require a python module called
termcolor
. When you run the script it will automatically install it if you haven’t, but if you want the tool to function faster, i would suggest you doing it manually before proceeding
$ pip3 install termcolor #installing termcolor
$ #Temporary usage only, installation below
$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE/Linux $ chmod +x sneakyexe.py
$ ./sneakyexe <option>=<path to payload/code> out=<where you wanna save>
[ Windows ]:
– NOTE – The payload can only be successfully executed by the user with Administrator privilege. Users with limited token wouldn’t succeed.
Installation
[ Linux ]:
$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE
$ chmod +x install.sh
$ sudo ./install.sh
[ Windows ]:
UNAVAILABLE
Build
Python 3.6.5
gcc (MinGW.org GCC-8.2.0-3) 8.2.0
for the payload compilationgcc gcc 8.2.0
( c11
) and a AMD64 machine with Windows 10(7/8) 64-bit installed.# Windows 10/7/8 (AMD64)
# Open cmd.exe / powershell.exe
>> gcc -mwindows -o <output>.exe /source/main.c
Python 3.5.6
( or higher ) with modules like Pyinstaller
, Pillow
and a AMD64 machine with Windows 10 (7/8) 64-bit installed.# Assume we already had Python preinstalled
# Open cmd.exe / powershell.exe
>> pip install pillow # Installing Pillow
>> pip install pyinstaller # Installing Pyinstaller
>> mkdir compile # Optional directory name
>> cd compile
>> pyinstaller –windowed –onefile –icon=Icon.ico /source/Win32/GUI.py
# For sysematic version ( /sys ), remove –onefile
>> cd dist
>> GUI.exe # The compiled executable :}
Disclaimer
abuse this tool
for any black-hat activitydon't reclaim the ownership
.Introduction When it comes to cybersecurity and ethical hacking, one of the most effective ways…
Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…
Introduction In the vast ocean of the internet, the most powerful tool you already have…
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…