Loading...
Friday, February 22, 2013

Nishang 0.2.5 Released: Get WLAN keys in plain, Remove update and bug fixes

Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests.

PAYLOADS
It contains many interesting scripts like download and execute, keylogger, dns txt pwnage, wait for command 
and much more.

HELP
All payloads and scripts are Get-Help compatible. Use "Get-Help <scriptname.ps1> -full" on a PowerShell prompt to get full help details.

LATEST CODE
Checkout svn repo for latest code

CONTACT
Please report bugs, feedback and feature requests to nikhil dot uitrgpv at gmail.com

about Nishang 0.2.5. Two new payloads which are borrowed from other sources (and went unnoticed for months lying in one of my VMs) have been added:

1. Get-WLAN-Keys dumps WLAN keys in clear text, handy!!. The code is borrowed from this code by Jan Egil Ring. An elevated shell is required to dump the keys.

2. Remove-Update could be used to remove all updates, all security updates or a particular update from a target machine. The script calls wusa.exe to do so. This is based on this post by Trevor Sullivan. This payload could be useful to re-introduce a patched vulnerability (an easy way of backdooring a system). Administrator access is required to remove most updates.

Also, some stupid bugs with Credentials payload hav been fixed. This payload has been bugging me (or I am bugging it :P) from the first release of Nishang. I hope to bring some peace to it.

Download - 
The Nishang repo has been updated. Please update your repos.

Changelog:
0.2.5
- Added Get-WLAN-Keys payload.
- Added Remove-Update payload.
- Fixed help in Credentials.ps1
- Minor changes in Donwload_Execute and Information_Gather.


Source-

http://labofapenetrationtester.blogspot.in/
http://code.google.com/p/nishang/

Screenshot-














Previous post regarding NISHAG-

http://santoshdudhade.blogspot.in/2012/09/nishang-using-powershell-for.html

0 comments:

Post a Comment

 
TOP