AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability (listed as a feature by Microsoft) allows a remote attacker to view his victim's desktop without his consent, and even control it on-demand, using tools native to the operating system itself.
Thanks to the additional modules, it is possible to obtain a remote shell through Netcat, dump system hashes with Mimikatz, load a remote keylogger and much more. All this, Through a completely intuitive menu in seven different languages.
Additionally, it is possible to use it in a reverse shell through a series of parameters that are described in the usage section.
Requirements Powershell 4.0 or higher
Version 5.0 • New logo completely redesigned from scratch • Full translation in 7 languages: es, en, fr, de, it, ru, pt • Remote execution through a reverse shell with UAC and AMSI Bypass • Partial support from Linux (more information in the user guide) • Improved remote execution (internet connection is no longer necessary on the victim) • New section available: Backdoors and persistence • New module available: Remote Keylogger • New section available: Privilege escalation • New module available: Obtain information from the operating system • New module available: Search vulnerabilities with Sherlock • New module available: Escalate privileges with PowerUp • New section available: Other Modules • New module available: Execute an external script *The rest of the changes can be consulted in the CHANGELOG file
Use This application can be used locally, remotely or to pivot between teams. When used remotely in a reverse shell, it is necessary to use the following parameters: -admin / -noadmin -> Depending on the permissions we have, we will use one or the other -nogui -> This will avoid loading the menu and some colors, guaranteed its functionality -lang -> We will choose our language (English, Spanish, French, German, Italian, Russian or Portuguese) -option -> As with the menu, we can choose how to launch the attack -shadow -> We will decide if we want to see or control the remote device -createuser -> This parameter is optional, the user AutoRDPwn (password: AutoRDPwn) will be created on the victim machine Local execution on one line:
Contact This software does not offer any kind of guarantee. Its use is exclusive for educational environments and / or security audits with the corresponding consent of the client. I am not responsible for its misuse or for any possible damage caused by it. For more information, you can contact through email@example.com