Kautilya 0.5.0 - Passwords in Plain, Exfiltrate SAM, Code Exec and more


Kautilya is a toolkit that provides various payloads for a Human Interface Device, which may help in breaking into a computer during penetration tests.
List of Payloads
Windows
Gather
  • Gather Information
  • Hashdump and Exfiltrate
  • Keylog and Exfiltrate
  • Sniffer
  • WLAN keys dump
  • Get Target Credentials
  • Dump LSA Secrets
  • Dump passwords in plain
  • Copy SAM (VSS)
  • Dump Process Memory

  • Dump Windows Vault Credentials

Execute
  • Download and Execute
  • Connect to Hotspot and Execute code
  • Code Execution using Powershell
  • Code Execution using DNS TXT queries
  • Download and Execute PowerShell Script
  • Execute ShellCode
Backdoor
  • Sethc and Utilman backdoor
  • Time based payload execution
  • HTTP backdoor
  • DNS TXT Backdoor
  • Wireless Rogue AP
  • Tracking Target Connectivity
Escalate
  • Remove Update
  • Forceful Browsing
Manage
  • Add an admin user
  • Change the default DNS server
  • Edit the hosts file
  • Add a user and Enable RDP
  • Add a user and Enable Telnet
  • Add a user and Enable Powershell Remoting
Misc
  • Browse and Accept Java Signed Applet
  • Speak on Target
Linux
  • Download and Execute
  • Reverse Shells using built in tools
  • Code Execution
  • DNS TXT Code Execution
  • Perl reverse shell (MSF)
OSX
  • Download and Execute
  • DNS TXT Code Execution
  • Perl Reverse Shell (MSF)
  • Ruby Reverse Shell (MSF)
Payloads Compatibility
  • The Windows payloads and modules are written mostly in PowerShell (in combination with native commands) and are tested on Windows 7 and Windows 8.
  • The Linux payloads are mostly shell scripts (those installed by default) in combination with commands. These are tested on Ubuntu 11.
  • The OS X payloads are shell scripts (those installed by default) with usage of native commands. Tested on OS X Lion running on a VMWare

CHANGELOG:
0.5.0

  • Added Execute Shellcode for Windows (under Execution menu).
  • Added "Dump passwords in plain" for Windows (under Gather menu).
  • Added "Copy SAM (VSS)" for Windows (under Gather menu).
  • Added "Dump Process Memory" for Windows (under Gather menu).
  • Added "Dump Windows Vault Credentials" for Windows (under Gather menu).
  • Added "Add a user and Enable Powershell Remoting" for Windows (under Manage menu).
  • Added support for Gems bundler.
  • Added more banners of Kautilya.