Here comes  Kautilya 0.4.4. This version adds three new payloads and improves couple of others.
Download and Execute Powerhell Script - As the name suggests this script downloads a powershell script and executes it on the target.
Remove Update - Remove all or security or a specific hotfix from the target. Great way to introduce vulnerability on a target.
LSA Secrets - Dump LSA Secrets from a victim. The payload detects 32-bit or 64-bit machine and calls the proper version of powershell accordingly.
I am always looking for contributors, if you want to contribute to Kautilya (or Nishang) do not hesitate to contact me.
Please refer to the CHANGELOG below for details.
0.4.4
- Added "Download and Execute Powershell Script" windows payload.
- Added "Remove Update" windows payload.
- Added "LSA Secrets" windows payload.
- Updated "DNS TXT Backdoor". It is much more easy to use now.
- Renamed Wait for Command to HTTP Backdoor
- HTTP Backdoor now keeps running till the stopstring is matched.
- An option has been added for no exfiltration of data. Choose 0 when Kautilya asks for exfil option.
Please update your repos or download the source from the repository here http://code.google.com/p/kautilya/
On a related note, Paul - the maker of Teensy pushed some updates for non-English keyboards. See the thread here (Thanks to Lorenz for reporting this): http://forum.pjrc.com/threads/23688-Possible-bug-with-windows-and-a-German-keyboard-layout. Please let me know if it helps with the problems for non-English keyboard users.
Please feel free to report bugs and feedback.
Download and Execute Powerhell Script - As the name suggests this script downloads a powershell script and executes it on the target.
Remove Update - Remove all or security or a specific hotfix from the target. Great way to introduce vulnerability on a target.
LSA Secrets - Dump LSA Secrets from a victim. The payload detects 32-bit or 64-bit machine and calls the proper version of powershell accordingly.
I am always looking for contributors, if you want to contribute to Kautilya (or Nishang) do not hesitate to contact me.
Please refer to the CHANGELOG below for details.
0.4.4
- Added "Download and Execute Powershell Script" windows payload.
- Added "Remove Update" windows payload.
- Added "LSA Secrets" windows payload.
- Updated "DNS TXT Backdoor". It is much more easy to use now.
- Renamed Wait for Command to HTTP Backdoor
- HTTP Backdoor now keeps running till the stopstring is matched.
- An option has been added for no exfiltration of data. Choose 0 when Kautilya asks for exfil option.
Please update your repos or download the source from the repository here http://code.google.com/p/kautilya/
On a related note, Paul - the maker of Teensy pushed some updates for non-English keyboards. See the thread here (Thanks to Lorenz for reporting this): http://forum.pjrc.com/threads/23688-Possible-bug-with-windows-and-a-German-keyboard-layout. Please let me know if it helps with the problems for non-English keyboard users.
Please feel free to report bugs and feedback.
small typo: - Updated "DNS TXT Backdoor". It is much more easy to use [[[k]]]now. Good job :)
ReplyDeleteFixed :)
DeleteHello Nikhil,
ReplyDeleteare you still alive? haven read news for some weeks now.....
Yes, still alive :)
Deletehow can update kautilya v0.2.0 to 0.4.4
ReplyDeleteGreat remarkable things here. I¡¦m very glad to peer your article. Thank you so much and i'm taking a look ahead to contact you. Will you kindly drop me a e-mail?
ReplyDelete