Powershell-RAT is a Python and PowerShell tool built to help pen testers backdoor Windows machines during red team engagements. It tracks user activity using screen capture and sends the information to the attacker as an e-mail attachment. The tool is FUD (fully undetectable) as of Black Hat 2019; you can find the presentation slides HERE.
Installation
This tool requires Python 3 and a Windows machine.
1 – Go to Github Repository
2 – Download as ZIP
3 – Extract Here
4 – Content of the file
5 – Before running the script, replace these values in Mail.ps1 with the details of your newly created Gmail account:
$username
$password
and set $msg.From and $msg.To.Add to throwaway Gmail addresses.
Usage
1 – Open CMD with admin privileges and navigate to the Powershell-RAT folder
For me, it will look like this
2 – Execute the script
3 – Let’s try Hail Mary for a quick backdoor option
Type “8” to choose Hail Mary
4 – After choosing “8”
You will get something like this
5 – We can open Task Scheduler in Windows to check the task that was created
As we can see, the backdoor has executed successfully on the victim machine.
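For defenders, the scheduled-task check in step 5 can be automated. The following is an added example, not part of Powershell-RAT or the original post: it triages exported schtasks /query /fo CSV /v output for tasks that launch a script interpreter. The sample rows, task names and scoring heuristics are constructed assumptions, not signatures taken from the tool.

```python
import csv
import io
import re

# Constructed sample of `schtasks /query /fo CSV /v` output, trimmed to four
# columns. Hosts, task names and paths are invented for illustration.
SAMPLE_CSV = r'''"HostName","TaskName","Run As User","Task To Run"
"WS01","\Microsoft\Windows\Defrag\ScheduledDefrag","SYSTEM","%windir%\system32\defrag.exe -c -h -o"
"HostName","TaskName","Run As User","Task To Run"
"WS01","\ExampleUpdater","WS01\alice","powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\Users\alice\AppData\Local\Temp\example.ps1"
"WS01","\Inventory","WS01\bob","powershell.exe -File C:\Scripts\inventory.ps1"
"WS01","\BackupJob","SYSTEM","C:\Program Files\Backup\backup.exe /nightly"
'''

# Assumed triage heuristics (generic indicators, not taken from the tool).
HEURISTICS = [
    ("script interpreter",
     re.compile(r"\b(powershell|pwsh|wscript|cscript|python\w*)(\.exe)?\b", re.I)),
    ("hidden window or policy bypass",
     re.compile(r"-w(indowstyle)?\s+hidden|-e(xecution)?p(olicy)?\s+bypass|-enc", re.I)),
    ("user-writable path",
     re.compile(r"\\(users|appdata|temp|programdata)\\", re.I)),
]


def triage(csv_text, threshold=2):
    """Return (task, run_as, reasons) for tasks matching >= threshold heuristics."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        # schtasks can repeat the header row for each task folder; skip repeats.
        if row["TaskName"] == "TaskName":
            continue
        action = row["Task To Run"]
        reasons = [name for name, rx in HEURISTICS if rx.search(action)]
        if len(reasons) >= threshold:
            findings.append((row["TaskName"], row["Run As User"], reasons))
    return findings


if __name__ == "__main__":
    for task, user, reasons in triage(SAMPLE_CSV):
        print(f"{task} (runs as {user}): {', '.join(reasons)}")
```

Lowering the threshold to 1 also surfaces legitimate administrative scripts, so review those hits against a known-good baseline rather than treating them as malicious.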
What Bunny Rating Does it Get?
Pros
– Stealthy
– Easy to Use
– Many useful options
Cons
– Requires allowing “less secure app” access in Gmail in order to work
– Needs more features
Based on the above, we are awarding the tool 4/5 bunnies.