





4





4 Shares

Powershell-RAT is a Python and Powershell script tool that has been made to help a pen tester during red team engagements to backdoor Windows machines. It tracks user activity using screen capture and sends the information to an attacker as an e-mail attachment. The tool is FUD as of Black Hat 2019, you can find the presentation slides HERE.

Installation

This tool requires Python3 and a windows machine

1 – Go to Github Repository



2 – Download as ZIP

3 – Extract Here



4 – Content of the file



5 – Before running the script change those values with your newly created Gmail Account details in Mail.ps1

$username $password

and $msg.From and $msg.To.Add with throwaway Gmail addresses



Usage

1 – Open CMD with admin privileges and navigate the Powershell-RAT Folder

For me, it will look like this



2 – Execute the script



3 – Let’s try HailMary for a quick Backdoor option

Write: “8” to choose Hail Mary



4 – After Choosing "8" You will get something like this



5 – We can open task schedulers in Windows to check the task created



As we can see the backdoor is successfully executed in the victim machine

What Bunny Rating Does it Get?

Pros

– Stealthy

– Easy to Use

– Many useful options

Cons

– Requires “Allowing Gmail for a less secure app ” In order to work

– Needs more Features

Based on the above we are awarding the tool 4/5 bunnies

Want To Learn More About Ethical Hacking ?

We have a networking hacking course that is of a similar level to OSCP, get an exclusive 95% discount HERE

Do you know of another GitHub related hacking tool?

Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.