Embedding a "UAC-Bypassing" function into your custom payload

hackernese/SneakyEXE

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation


SneakyEXE

A tool which helps you embed a UAC-bypassing function into your custom Win32 payloads (x86_64 architecture specifically).

  • Tested on Windows 7, 8, 10 (64-bit)
  • Free and open source, with the full source code published
  • If it is no longer working, please notify me

Requirements:


                 Linux        Windows
Architecture     Optional     x86_64
Python 3.x       YES          NO
Module           termcolor    NO
Distros          Any          Windows
Version          Any          Windows 7, 8, 10

Usage:


[ Linux ]:

This tool requires a Python module called termcolor. When you run the script it will install the module automatically if it is missing, but if you want the tool to start faster, I would suggest installing it manually before proceeding.

$ pip3 install termcolor    # installing termcolor
$ # Temporary usage only, installation below
$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE/Linux
$ chmod +x sneakyexe.py
$ ./sneakyexe <option>=<path to payload/code> out=<where you wanna save>

[ Windows ]:

  • Visit https://github.com/Zenix-Blurryface/SneakyEXE
  • Download the repository: "Clone or download" -> "Download ZIP"
  • Unzip it into a directory of your choice
  • Change directory to \SneakyEXE\Win32\
  • Execute sneakyexe.exe (or sys\sneakyexe.exe for an improved startup speed)
  • (Optional: you can copy sneakyexe.exe to whatever directory you want and delete the unzipped one)
- NOTE - The payload can only be executed successfully by a user with Administrator privileges. Users with a limited token would not succeed.

Installation:


[ Linux ]:

$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE
$ chmod +x install.sh
$ sudo ./install.sh

[ Windows ]:

  • UNAVAILABLE
  • (Will be added if enough people ask for it)

Build:


  • Built on openSUSE Leap 15.0
  • Developed using Python 3.6.5
  • Developed with gcc (MinGW.org GCC-8.2.0-3) 8.2.0 for the payload compilation
[ Payload Embedding ]
  • In order to build the elevator from source, you will need gcc 8.2.0 (C11) and an AMD64 machine with Windows 10 (7/8) 64-bit installed.
# Windows 10/7/8 (AMD64)
# Open cmd.exe / powershell.exe
>> gcc -mwindows -o <output>.exe /source/main.c
[ GUI Version ]
  • In order to build the GUI version from source, you will need Python 3.5.6 (or higher) with the PyInstaller and Pillow modules, and an AMD64 machine with Windows 7 64-bit installed.
# Assume Python is already preinstalled
# Open cmd.exe / powershell.exe
>> pip install pillow          # Installing Pillow
>> pip install pyinstaller     # Installing PyInstaller
>> mkdir compile               # Optional directory name
>> cd compile
>> pyinstaller --windowed --onefile --icon=Icon.ico /source/Win32/GUI.py    # For the systematic version ( /sys ), remove --onefile
>> cd dist
>> GUI.exe                     # The compiled executable :}

Disclaimer:


  • This tool was made for academic purposes or ethical cases only. I ain't taking any responsibility for your actions if you abuse this tool for any black-hat activity.
  • Feel free to use this project in your software, just don't reclaim the ownership.

Release:


  • v0.9 beta

Credits:


This tool embeds UACme, which was originally coded by hfiref0x, but the rest was pretty much all coded by me (Zenix Blurryface).

Author:


Copyright © 2019 by Zenix Blurryface

