SneakyEXE - Embedding "UAC-Bypassing" Function Into Your Custom Payload
A tool which helps you embedding UAC-Bypassing function into your custom Win32 payloads ( x86_64 architecture specifically )
- Tested on Windows 7,8,10 ( 64bit)
- Free and Open-sourced with full source codes published
Requirements:
Linux | Windows | |
---|---|---|
Architecture | Optional | x86_64 |
Python 3.x > | YES | NO |
Module | termcolor | NO |
Distros | Any | Windows |
Version | Any | Windows 7,8,10 |
Usage:
[ Linux ]:
This tool does require a python module called termcolor
. When you run the script it will automatically install it if you haven't, but if you want the tool to function faster, i would suggest you doing it manually before proceeding
$ pip3 install termcolor #installing termcolor
$ #Temporary usage only, installation below
$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE/Linux
$ chmod +x sneakyexe.py
$ ./sneakyexe <option>=<path to payload/code> out=<where you wanna save>
- visit https://github.com/Zenix-Blurryface/SneakyEXE
- Download the repository, "clone or download" -> "Download ZIP"
- Unzip it into your optional directory
- Change dir to \SneakyEXE\Win32\
- Execute sneakyexe.exe ( or sys\sneakyexe.exe for an improved startup speed )
- ( Optional : you can copy sneakyexe.exe to whatever directory you want and delete the unzipped one )
- NOTE -
The payload can only be successfully executed by the user with Administrator privilege. Users with limited token wouldn't succeed.
Installation:
[ Linux ]:
$ git clone https://github.com/Zenix-Blurryface/SneakyEXE.git
$ cd SneakyEXE
$ chmod +x install.sh
$ sudo ./install.sh
UNAVAILABLE
- ( Soon will if many people demand )
Build:
- Built on Opensuse Leap 15.0
- Developed using
Python 3.6.5
- Developed with
gcc (MinGW.org GCC-8.2.0-3) 8.2.0
for the payload compilation
[ Payload Embedding ]
- In order to build the elevator from source, you will need
gcc gcc 8.2.0
(c11
) and a AMD64 machine with Windows 10(7/8) 64-bit installed.
# Windows 10/7/8 (AMD64)
# Open cmd.exe / powershell.exe
>> gcc -mwindows -o <output>.exe /source/main.c
[ GUI Version ]
- In order to build the GUI version from source, you will need
Python 3.5.6
( or higher ) with modules likePyinstaller
,Pillow
and a AMD64 machine with Windows 10 (7/8) 64-bit installed.
# Assume we already had Python preinstalled
# Open cmd.exe / powershell.exe
>> pip install pillow # Installing Pillow
>> pip install pyinstaller # Installing Pyinstaller
>> mkdir compile # Optional directory name
>> cd compile
>> pyinstaller --windowed --onefile --icon=Icon.ico /source/Win32/GUI.py # For sysematic version ( /sys ), remove --onefile
>> cd dist
>> GUI.exe # The compiled executable :}
Disclaimer:
- This tool was made for academic purposes or ethical cases only. I ain't taking any resposibility upon your actions if you
abuse this tool
for any black-hat acitivity - Feel free to use this project in your software, just
don't reclaim the ownerhsip
.
Release:
- v0.9 beta
Credits:
This tool does embed UACme which was originally coded by hfiref0x but the rest was pretty much all coded by me ( Zenix Blurryface )
- hfiref0x --> https://github.com/hfiref0x
Author:
Copyright © 2019 by Zenix Blurryface
SneakyEXE - Embedding "UAC-Bypassing" Function Into Your Custom Payload
Reviewed by Zion3R
on
6:23 PM
Rating: