3gstudent/Javascript-Backdoor

Stars
242
Rank 167,048 (Top 4 %)
Language
PowerShell
Created almost 9 years ago
Updated over 7 years ago

3gstudent/Javascript-Backdoor

3gstudent

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Learn from Casey Smith @subTee

Javascript-Backdoor(JSRat)

It is my mistake of naming and the accurate name of this should be JSRat.

Learn from Casey Smith @subTee

https://gist.github.com/subTee/f1603fa5c15d5f8825c0

Blog about it:

《JavaScript Backdoor》

http://en.wooyun.io/2016/01/18/JavaScript-Backdoor.html

《JavaScript Phishing》

http://en.wooyun.io/2016/02/04/42.html

《Use SCT to Bypass Application Whitelisting Protection》

http://en.wooyun.io/2016/04/23/Use_SCT_to_Bypass_Application_Whitelisting_Protection.html

Other nice github:

https://github.com/subTee/PoshRat

https://github.com/Hood3dRob1n/JSRat-Py

Update:

	[+] Fix the time-out bug and some other bugs.
	[+] Get rid of the cmd black box.
	[+] Hide the "systeminfo" black box.
	[-] Leave a bug in Upload and Download Mode.
	[+] Add code to work behind a proxy server.
	[+] Add the way of using sct to start it.
	[+] Add the way of using wsc to start it.

Pentest-and-Development-Tips

A collection of pentest and development tips

Homework-of-C-Language

C/C++ code examples of my blog.

Worse-PDF

Turn a normal PDF file into malicious.Use to steal Net-NTLM Hashes from windows machines.

Homework-of-Python

Python codes of my blog.

List-RDP-Connections-History

Use powershell to list the RDP Connections History of logged-in users or all users

Eventlogedit-evtx--Evolution

Remove individual lines from Windows XML Event Log (EVTX) files

Invoke-BuildAnonymousSMBServer

Use to build an anonymous SMB file server.

msbuild-inline-task

CLR-Injection

Use CLR to inject all the .NET apps

Homework-of-C-Sharp

C Sharp codes of my blog.

pyKerbrute

Use python to perform Kerberos pre-auth bruteforcing

Inject-dll-by-APC

Asynchronous Procedure Calls

SharpRDPCheck

Use to check the valid account of the Remote Desktop Protocol(Support plaintext and ntlmhash)

Inject-dll-by-Process-Doppelganging

Process Doppelgänging

backup-3gstudent.github.io

Smbtouch-Scanner

Automatically scan the inner network to detect whether they are vulnerable.

ntfsDump

Use to copy a file from an NTFS partitioned volume by reading the raw volume and parsing the NTFS structures.

Homework-of-Powershell

powershell codes of my blog.

Use-COM-objects-to-bypass-UAC

Office-Persistence

Use powershell to test Office-based persistence methods

Windows-User-Clone

Create a hidden account

Windows-EventLog-Bypass

Use subProcessTag Value From TEB to identify Event Log Threads

APT34-Jason

Use to perform Microsoft exchange account brute-force.

pyXSSPlatform

Used to build an XSS platform on the command line.

CVE-2017-8464-EXP

Support x86 and x64

bitsadminexec

Use bitsadmin to maintain persistence and bypass Autoruns

Code-Execution-and-Process-Injection

Powershell to CodeExecution and ProcessInjection

Shellcode-Generater

No inline asm,support x86/x64

test

CreateRemoteThread

From 32-bit process to 64-bit process

PasswordFilter

2 ways of Password Filter DLL to record the plaintext password

Dump-Clear-Password-after-KB2871997-installed

From-System-authority-to-Medium-authority

Penetration test

Waitfor-Persistence

Use Waitfor.exe to maintain persistence

Bypass-Windows-AppLocker

NinjaCopy

Powershell to copy ntds.dit

COM-Object-hijacking

use COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)

3gstudent.github.io

Winpcap_Install

Auto install WinPcap on Windows(command line)

ewsManage

My exercise of using Exchange Web Service(EWS)

HiddenNtRegistry

Use NT Native Registry API to create a registry that normal user can not query.

Homework-of-Go

Go code examples of my blog.

signtools

From Windows SDK

Eventlogedit-evt--General

Remove individual lines from Windows Event Viewer Log (EVT) files

PNG-Steganography

Steganography Payload

easBrowseSharefile

Use to browse the share file by eas(Exchange Server ActiveSync)

Bypass-McAfee-Application-Control--Code-Execution

Smallp0wnedShell

Small modification version of p0wnedShell

ListInstalledPrograms

List the programs that the current Windows system has installed

AutoIt-Keylogger

Hide-Process-by-kd.exe

powershell to hide process by kd.exe

NodeJS-Downloader

An example of a downloader written in NodeJS.

Use-msxsl-to-bypass-AppLocker

Learn from Casey Smith@subTee

GetExpiredDomains

Search for available domain from expireddomains.net

ExcelDllLoader

Execute DLL via the Excel.Application object's RegisterXLL() method

Add-Dll-Exports

Use to generate DLL through Visual Studio

Execute-CSharp-From-XSLT-TEST

Writeup

interesting analysis

PNG_stego-test

SendMail-with-Attachments

Use powershell to send mail

Catch-specified-file-s-handle

Enumerate all processes and get specified file's handle,then close it.

pdf

IE-BHO-POSTdata-Logger

A sample IE BHO for logging Internet Explorer's POST data.

WanaCrypt0r-Reverse-Analysis

Record my reverse analysis of WanaCrypt0r

bgi-creater

Use BGInfo to bypass Application Whitelisting

Get-Wlan-Keys

Powershell to get wlan keys

Homework-of-Java

Java codes of my blog

3gstudent

regsvr32-test

Test-Exploit-for-Joomla-3.4.4-3.6.4

Test if the website allows user registration

BlogPic