SneakyEXE is a tool which helps you embed a UAC-bypassing function into your custom Win32 payloads (x86_64 architecture specifically).
Requirements
| | Linux | Windows |
|---|---|---|
| Architecture | Optional | x86_64 |
| Python 3.x > | YES | NO |
| Module | termcolor | NO |
| Distros | Any | Windows |
| Version | Any | Windows 7,8,10 |
Usage
[ Linux ]:
This tool requires a Python module called termcolor. When you run the script it will install the module automatically if you haven't, but if you want the tool to run faster, I would suggest installing it manually before proceeding.
$ pip3 install termcolor # installing termcolor
$ # Temporary usage only, installation below
$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE/Linux
$ chmod +x sneakyexe.py
$ ./sneakyexe.py <option>=<path to payload/code> out=<where you want to save>
[ Windows ]:
– NOTE – The payload can only be successfully executed by a user with Administrator privileges. Users with a limited token would not succeed.
Installation
[ Linux ]:
$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE
$ chmod +x install.sh
$ sudo ./install.sh
[ Windows ]:
UNAVAILABLE
Build
Built with Python 3.6.5 and gcc (MinGW.org GCC-8.2.0-3) 8.2.0.
[ Payload ]:
The payload compilation needs gcc 8.2.0 (C11) and an AMD64 machine with Windows 10 (7/8) 64-bit installed.
# Windows 10/7/8 (AMD64)
# Open cmd.exe / powershell.exe
>> gcc -mwindows -o <output>.exe /source/main.c
[ GUI ]:
The GUI needs Python 3.5.6 (or higher) with the PyInstaller and Pillow modules, and an AMD64 machine with Windows 10 (7/8) 64-bit installed.
# Assume we already have Python preinstalled
# Open cmd.exe / powershell.exe
>> pip install pillow # Installing Pillow
>> pip install pyinstaller # Installing PyInstaller
>> mkdir compile # Optional directory name
>> cd compile
>> pyinstaller --windowed --onefile --icon=Icon.ico /source/Win32/GUI.py
# For the systematic version ( /sys ), remove --onefile
>> cd dist
>> GUI.exe # The compiled executable :}
Disclaimer
– Don't abuse this tool for any black-hat activity.
– Don't reclaim the ownership.