Villain-Unleashed new features demo 2023

Подписаться 4,8 тыс.

Просмотров 10 тыс.

50% 1

Help the project grow with a Star or by following me on Github:
⭐ Repository ➡ github.com/t3l3machus/Villain
⚡️ Please subscribe and connect:
GitHub ➡ github.com/t3l3machus
Twitter ➡ / t3l3machus
Linkedin ➡ / t3l3machus
💚 Respect on HackTheBox:
app.hackthebox.com/profile/87301
00:00 - Intro
00:25 - Payload generator changes
03:21 - Pseudo shell prompt improvements
04:19 - File uploads
05:40 - Invoke-ConPtyShell
12:40 - Exec command
08:13 - Chat feature
09:35 - HoaxShell new payloads

Опубликовано:

24 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 99

@0dayCTF Год назад

You're always making incredible projects, love what you do !

@HaxorTechTones Год назад

Thanks so much!! 🤩

@igornemorssa2936 2 месяца назад

Thx for your project . It is very fantastic

@elmehdioubouhouch 10 месяцев назад

You are amazing man i love the project keep it up

@astrided94 Год назад

🎉🎉🎉 love the new changes!

@_shariq Год назад

Amazing as always ❤❤

@spyidonpitikaris7229 Год назад

Great to see it! :)

@snowden-IT Год назад

Thank you, my friend, that you are not brilliant, but you talk and think that most of those who watch you are professionals. I hope you will take into account that we are new to this field.

@elmehdioubouhouch 10 месяцев назад

A new subscriber for this dude here from Morocco

@dcrash_ Год назад

Great work.

@HaxorTechTones Год назад

Thanks for the support!

@InfoSecPat Год назад

Love this :)

@HaxorTechTones Год назад

Thank you 💚

@narekkay Год назад

Wow awesome job t3l3machus ⚡⚡

@HaxorTechTones Год назад

Thank you!

@Asparuxredsnow Год назад

Amazing bro 😍😍

@ajayshripal4027 10 месяцев назад

Best my friend

@chandler-barry Год назад

nice

@kirtib Год назад

This is so good, and you are one hell of a software developer👍 I hope your employer pays you well my friend!

@hpmh7568 Месяц назад

how do i put hoaxshell payloads into : . ps1 file and just fake to. png or some image file extension, and when they click on it executed and just hide or close the powershell right away

@HarvestHaven09 Год назад

Welcome back 🔙

@HaxorTechTones Год назад

Good to be back

@cynicalsinner7656 11 месяцев назад

When I execute the payload on the target machine windows doesn't flag it or stop it ,and it's like it worked but when I check back on the attacker computer there's no shell session? Does the victim computer also have to have netcat?

@alquranalkarim- 11 месяцев назад

how can i take a screenshots desktop from the target machine

@IvanLarsen-cr4pq 4 месяца назад

товарищ

@mohammedrizwan8324 Год назад

how to use persistence? give me answer

@ooxoox176 4 месяца назад

Error parasiong LHOST, Invalid Ip or interface am trying to use ngrok ):

@Chinmoy-bf6cz Год назад

Dude, your project is great... But I have some issue with villain...I can't jumped into cmd, I am unable to download file and execute file through this shell.. And some commend doesn't work... can you tell me how to solve it... Please reply 🙏... Thank you

@IllllIIIIIlIlIlllll 11 месяцев назад

Is it possibile to do a persistent shell?🙏

@rizkysays Год назад

Can i run .ps1 script on Kali into Windows Machine with Villain? Cause .ps1 script is detected by Windows Defender on Windows

@lumikarhu Год назад

there's a bug in the coolest shell (the cmd one) but let's leave it like that. these who know a little bit of batch will be able to pinpoint this miniscule issue in a heartbeat and those that don't probably shouldn't be using it anyway. wish it was more stable though because i like the idea. gotta try expanding this one template

@HaxorTechTones Год назад

So, what's the bug mate?

@lumikarhu Год назад

@@HaxorTechTones I hosted the c2 under my domain with a real cert, not self signed. hence i picked the hoax/https cmd with curl. The payload simply doesn't execute in the current version without a simple modification on windows 10. The problem lies in the iterational part of the payload, i already feel like i said too much. let's not get it signatured too early. it's a byte too short. the easiest way to understand it is to know the difference between pasting the payload into the cmd and launching it out of a bat file - that's how i spotted it. each of the ways of starting it gave me different errors so i pinpointed it rather quickly, but if you still wanna know i insist on different channels of communication

@philxdes1573 11 месяцев назад

when i try using it, it doesnt send back any sort of connection or message at all to villain. i send it in powershell and did everything the exact same that you did. Any idea how to fix it?

@adamouassar1859 11 месяцев назад

I need help. After uploading the payload to the powershell it won't establish the connection, it doesn't show the message:"Backdoor session established on ...".Does it only happen to me? Someone help me pls.

@philxdes1573 11 месяцев назад

im having the same issue, have you figured it out?

@adamouassar1859 11 месяцев назад

@@philxdes1573 The problem was that I had a bad configuration of kali linux in virtual studio code. Try going to the settings of the machine, to the network option and change the first option to bridge adapter.

@user-mz2dg6pj3e Год назад

Hello! What an incredible project! Tell me is there any way to migrate connection to meterpreter?

@HaxorTechTones Год назад

Hi, thanks! Not yet, working on it. Stay tuned!

@theoruiz-hidalgo2110 2 месяца назад

Hi ! Do I need to use obf payload in order to use the upload tool ? I'm getting denied access response when I'm trying to copy simple texts to my desktop ?

@HaxorTechTones 2 месяца назад

Make sure to add the file name to the path you want the file to be uploaded, not only the dir.

@theoruiz-hidalgo2110 2 месяца назад

@@HaxorTechTones It seems better but still not working, when I keep my hard disk name it says : the generic path isn't resolved when I just type the path from /users, as you did, it says : non-conforming character (translate from french, hope you will get it :/)

@theoruiz-hidalgo2110 2 месяца назад

Ok just got it !!! The problem was that I kept writing the full path, like I was in C:/Users/TheGuyIAm and I kept writing C:/Users/TheGuyIAm/Desktop/TheFileIWant when I should have written /source_path \desktop\TheFileIWant

@theoruiz-hidalgo2110 2 месяца назад

@@HaxorTechTones And thx ! You're the best !

@theoruiz-hidalgo2110 2 месяца назад

One last question, I tried connecting to an FTP server using Villain but kept blocking at the connection step, is it normal or ?

@linkstoamazingstuffs521 Год назад

My villain isn't working 😢 It doesn't get a reverse shell

@andrewlawrence1328 Год назад

Why does my netcat tcp reverse shell lose connection after a while without doing anything? I managed to establish the connection and after aprox 5 mins it loses connection, why is it doing that?

@HaxorTechTones Год назад

It shouldn't be doing this, never had that issue. You need to provide some info, maybe open an issue on github with screenshots. Does the shell session stop working or does villain mark the connection as lost? Are you sure there's no event occurring that leads to the session loss?

@andrewlawrence1328 Год назад

@@HaxorTechTones ok so I forgot to mention that i am using ngrok and it seems that the problem occurs only when using ngrok, because I don't have this problem inside my LAN.

@SajidQureshi__ Год назад

does it support the single payload works for many victims as it previously supports only 1 payload 1 victim as far as i know

@johnazure Год назад

i dont think so...

@HaxorTechTones Год назад

You can use TCP socket based reverse shell commands to do that, those are reusable. The hoaxshell ones are one timers

@Jamaal_Ahmed 9 месяцев назад

Please make a video to port forwarding 🙏

@Alexander-rj8he Год назад

Hey bro your work is awesome... Can you please tell me how to persistent it.. How can we get connection afer reboot victim pc.. Thank you

@HaxorTechTones Год назад

Hey, thanks! That's kind of complex to pull off. I might make a video about it in the future :)

@Alexander-rj8he Год назад

@@HaxorTechTones thanks bro😃

@callduty5564 Год назад

Dude you doing great.. But how can we maintain persistent.. If we don't make persistent..then there is nothing in this tool.. Please tell me how can we maintain persistent

@osmanali176 Год назад

Hi bro

@thepilotsparrow 9 месяцев назад

Hello! is there a way to download stuff from the victim pc? I tried everything but couldn't maybe I just suck :*)

@HaxorTechTones 9 месяцев назад

Hi, in an automated manner, like, "download /path/to/file", not yet unfortunately, but the feature will be added in a future update :)

@thepilotsparrow 9 месяцев назад

@@HaxorTechTonesYoooo! You are the best

@andreasclaudius9076 4 месяца назад

obfuscate don t work anymore, can you say me tools for this?

@SF-eg3fq 10 месяцев назад

well done do you accept pull requests?

@HaxorTechTones 10 месяцев назад

Hi, thanks! Currently, I don't. kind of figuring out the direction of the project.

@jajbinlimbu8278 Год назад

sir, it is still detecting generate powershell. But i like your video.

@alimuhamed6084 5 месяцев назад

Sir, why can't I upload files?

@number1victory358 Год назад

ok now we need how to bypass antivirus.

@HaxorTechTones Год назад

ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-grSBdZdUya0.html

@osmanali176 Год назад

Can we download files from the backdoor system?

@HaxorTechTones Год назад

not yet ¯\_(ツ)_/¯

@osmanali176 Год назад

@@HaxorTechTones ok bro

@osmanali176 Год назад

Can we download files using the shell?

@johnazure Год назад

@@osmanali176 you can do it manually from within powershell... you can make a script that uploads files to dropbox using dropbox api... theres a tutorial here youtube.

@osmanali176 Год назад

@@johnazure can you share me the link?

@hackerworld391 Год назад

if victom pc restart will vilain still work plz anwser ??

@HaxorTechTones Год назад

No, you would have to work on persistence by e.g., injecting a malicious periodically executed task or backdoor a startup service. The content on this channel is for authorized assessments. Don't try weird monkey stuff against machines you do not have permission to test.

@hackerworld391 Год назад

@@HaxorTechTones i know i just ask and im 14 year im begener in hacking can if a make that file auto run file

@osmanali176 Год назад

How can we bypass Anti-virus as these payloads are detecting it?

@HaxorTechTones Год назад

The trick is to edit the payload templates and replace the commands with obfuscated versions of them. I'll make a how-to video about it soon.

@osmanali176 Год назад

@@HaxorTechTones thanks bro I am waiting for it😁

@osvaldopereo4285 8 месяцев назад

you are amazing!!! How can upload to remote file path with blank spaces? = upload /localpath/text.txt emotepath\blank space\text.txt?

@FREE_FIRE_CHEATS Год назад

sir port forwarding

@BIZLOOK 6 месяцев назад

It this work over internet by ngrok or something

@hellresistorCVC 3 месяца назад

dig a little bit ;)

@RAVEN--- Год назад

Pal if you don’t mind can I have the old version of villain pls?

@HaxorTechTones Год назад

You are breaking my heart. Why?

@RAVEN--- Год назад

Nothing like that I just want the older version

@RAVEN--- Год назад

I am just more comfortable with the older one that’s all

@RAVEN--- Год назад

@t3l3machus so can I have it...

@HaxorTechTones Год назад

I will add it in the github "releases" soon

@BlackTeamSec Год назад

buddy you need to add channel tags to get views

@HaxorTechTones Год назад

👍

@relaxingsounds4536 Год назад

why am i getting this error when I try to do the same ? At line:1 char:1 + Start-Process $PSHOME\powershell.exe -ArgumentList {$client = New-Obj ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This script contains malicious content and has been blocked by your antivirus software. + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException + FullyQualifiedErrorId : ScriptContainedMaliciousContent

@HaxorTechTones Год назад

Because the payload is getting caught by your anti-virus. Check out this video on how to bypass it -> ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-grSBdZdUya0.html