[Nishang v0.3.0] The PowerShell for Penetration Testing released (introducing Powerpreter)

Nishang is a framework and collection of scripts and payloads that enables the use of PowerShell for offensive security and post-exploitation during penetration tests. The author wrote the scripts as the need arose during real penetration tests.

Powerpreter is a PowerShell module. I decided to make it a part of Nishang as there is a large amount of repeated code. This post assumes that we have Administrative access to a Windows 7 machine.

Powerpreter can surely be used as a non-admin user, but obviously with limited (but still useful) functionality. Like other scripts in Nishang, I have tried my best to keep Powerpreter compatible with PowerShell v2, so you may see some code which could be done by a cmdlet in PowerShell v3 and v4.

Changelog

  • Added Powerpreter
  • Added Execute-DNSTXT-Code
  • Bug fix in Create-MultipleSessions.
  • Changes to StringToBase64. It now supports Unicode encoding which makes it usable with -Encodedcommand.
  • More Changes to StringToBase64. Now a file can be converted.
  • Added Copy-VSS
  • Information_Gather shows output in better format now.
  • Information_Gather renamed to Get-Information.
  • Wait for command renamed to HTTP-Backdoor.
  • Time_Execution renamed to Execute-OnTime
  • Invoke-PingSweep renamed to Port-Scan
  • Invoke-Medusa renamed to Brute-Force
