Powershell-RAT | A Backdoor Tool to Extract Data via Gmail

Powershell-RAT is a Python and PowerShell tool made to help pen testers backdoor Windows machines during red team engagements. It tracks user activity using screen capture and sends the information to an attacker as an e-mail attachment. The tool is FUD (fully undetectable) as of Black Hat 2019; you can find the presentation slides HERE.

Installation


This tool requires Python 3 and a Windows machine.
1 – Go to the GitHub repository

2 – Download as ZIP
3 – Extract Here

4 – Content of the file

5 – Before running the script, replace the values of $username and $password in Mail.ps1 with your newly created Gmail account details, and the values of $msg.From and $msg.To.Add with throwaway Gmail addresses

Usage

1 – Open CMD with admin privileges and navigate to the Powershell-RAT folder
For me, it will look like this

2 – Execute the script

3 – Let’s try Hail Mary for a quick backdoor option
Enter “8” to choose Hail Mary

4 – After choosing “8” you will get something like this

5 – We can open Task Scheduler in Windows to check the task that was created

As we can see, the backdoor was successfully executed on the victim machine
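
For defenders, the scheduled-task persistence checked in step 5 can be reviewed in bulk instead of by eye. The following Python sketch is an added example, not part of Powershell-RAT or the original post: it triages the CSV produced by schtasks /query /fo csv /v and flags tasks whose action starts a script host with a hidden window, a policy bypass or a script in a user-writable path. The sample rows and task names are constructed, and the heuristics are assumptions about what a script-based backdoor task tends to look like, not signatures of this tool.

```python
import csv
import io
import re

# Script interpreters that a persistence task may launch instead of a normal binary.
SCRIPT_HOSTS = re.compile(r"\b(powershell|pwsh|wscript|cscript|mshta)(\.exe)?\b", re.I)
# Switches that hide the console window or sidestep the execution policy.
QUIET_FLAGS = re.compile(
    r"-(windowstyle\s+hidden|w\s+hidden|executionpolicy\s+bypass|ep\s+bypass)\b", re.I)
# Locations a standard user can write to (assumed list, extend for your estate).
USER_WRITABLE = re.compile(
    r"\\(users\\[^\\]+\\(appdata|downloads|desktop|documents)|programdata|temp)\\", re.I)

# Constructed sample of `schtasks /query /fo csv /v` output, trimmed to four columns.
SAMPLE_CSV = r'''"HostName","TaskName","Task To Run","Run As User"
"WS01","\Microsoft\Windows\Defrag\ScheduledDefrag","%windir%\system32\defrag.exe -c -h -o","SYSTEM"
"WS01","\InventoryScript","cscript.exe //B C:\Tools\inventory.vbs","SYSTEM"
"WS01","\ExampleUpdater","powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -File C:\Users\alice\AppData\Local\Temp\example.ps1","alice"
'''


def triage(csv_text):
    """Return [(task_name, reasons)] for script-host tasks with a second indicator."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        action = row.get("Task To Run") or ""
        if not SCRIPT_HOSTS.search(action):
            continue  # also skips header rows that schtasks may repeat
        reasons = ["script host"]
        if QUIET_FLAGS.search(action):
            reasons.append("hidden window or policy bypass")
        if USER_WRITABLE.search(action):
            reasons.append("script in user-writable path")
        if len(reasons) > 1:  # a script host alone is common and too noisy
            findings.append((row.get("TaskName") or "", reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_CSV):
        print(f"{name}: {', '.join(reasons)}")
```

To use it on a real host, redirect the schtasks output to a file and pass the file's text to triage(); each finding still needs a manual look at the referenced script.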

What Bunny Rating Does it Get?


Pros

– Stealthy
– Easy to Use
– Many useful options

Cons

– Requires Gmail’s “Allow less secure apps” setting to be enabled in order to work
– Needs more features

Based on the above we are awarding the tool 4/5 bunnies
