Villain-Unleashed new features demo 2023
Help the project grow with a Star or by following me on Github:
⭐ Repository ➡ github.com/t3l3machus/Villain
⚡️ Please subscribe and connect:
GitHub ➡ github.com/t3l3machus
Twitter ➡ / t3l3machus
Linkedin ➡ / t3l3machus
💚 Respect on HackTheBox:
app.hackthebox.com/profile/87301
00:00 - Intro
00:25 - Payload generator changes
03:21 - Pseudo shell prompt improvements
04:19 - File uploads
05:40 - Invoke-ConPtyShell
12:40 - Exec command
08:13 - Chat feature
09:35 - HoaxShell new payloads
Пікірлер: 99
You're always making incredible projects, love what you do !
@HaxorTechTones
Жыл бұрын
Thanks so much!! 🤩
Thx for your project . It is very fantastic
You are amazing man i love the project keep it up
🎉🎉🎉 love the new changes!
Amazing as always ❤❤
Great to see it! :)
Thank you, my friend, that you are not brilliant, but you talk and think that most of those who watch you are professionals. I hope you will take into account that we are new to this field.
A new subscriber for this dude here from Morocco
Amazing bro 😍😍
Great work.
@HaxorTechTones
Жыл бұрын
Thanks for the support!
Love this :)
@HaxorTechTones
Жыл бұрын
Thank you 💚
Best my friend
Wow awesome job t3l3machus ⚡⚡
@HaxorTechTones
Жыл бұрын
Thank you!
nice
This is so good, and you are one hell of a software developer👍 I hope your employer pays you well my friend!
товарищ
Welcome back 🔙
@HaxorTechTones
Жыл бұрын
Good to be back
When I execute the payload on the target machine windows doesn't flag it or stop it ,and it's like it worked but when I check back on the attacker computer there's no shell session? Does the victim computer also have to have netcat?
how do i put hoaxshell payloads into : . ps1 file and just fake to. png or some image file extension, and when they click on it executed and just hide or close the powershell right away
there's a bug in the coolest shell (the cmd one) but let's leave it like that. these who know a little bit of batch will be able to pinpoint this miniscule issue in a heartbeat and those that don't probably shouldn't be using it anyway. wish it was more stable though because i like the idea. gotta try expanding this one template
@HaxorTechTones
Жыл бұрын
So, what's the bug mate?
@lumikarhu
Жыл бұрын
@@HaxorTechTones I hosted the c2 under my domain with a real cert, not self signed. hence i picked the hoax/https cmd with curl. The payload simply doesn't execute in the current version without a simple modification on windows 10. The problem lies in the iterational part of the payload, i already feel like i said too much. let's not get it signatured too early. it's a byte too short. the easiest way to understand it is to know the difference between pasting the payload into the cmd and launching it out of a bat file - that's how i spotted it. each of the ways of starting it gave me different errors so i pinpointed it rather quickly, but if you still wanna know i insist on different channels of communication
Dude, your project is great... But I have some issue with villain...I can't jumped into cmd, I am unable to download file and execute file through this shell.. And some commend doesn't work... can you tell me how to solve it... Please reply 🙏... Thank you
how can i take a screenshots desktop from the target machine
Hi bro
Error parasiong LHOST, Invalid Ip or interface am trying to use ngrok ):
when i try using it, it doesnt send back any sort of connection or message at all to villain. i send it in powershell and did everything the exact same that you did. Any idea how to fix it?
Can i run .ps1 script on Kali into Windows Machine with Villain? Cause .ps1 script is detected by Windows Defender on Windows
Please make a video to port forwarding 🙏
how to use persistence? give me answer
Hello! What an incredible project! Tell me is there any way to migrate connection to meterpreter?
@HaxorTechTones
Жыл бұрын
Hi, thanks! Not yet, working on it. Stay tuned!
Is it possibile to do a persistent shell?🙏
Why does my netcat tcp reverse shell lose connection after a while without doing anything? I managed to establish the connection and after aprox 5 mins it loses connection, why is it doing that?
@HaxorTechTones
Жыл бұрын
It shouldn't be doing this, never had that issue. You need to provide some info, maybe open an issue on github with screenshots. Does the shell session stop working or does villain mark the connection as lost? Are you sure there's no event occurring that leads to the session loss?
@andrewlawrence1328
Жыл бұрын
@@HaxorTechTones ok so I forgot to mention that i am using ngrok and it seems that the problem occurs only when using ngrok, because I don't have this problem inside my LAN.
Hi ! Do I need to use obf payload in order to use the upload tool ? I'm getting denied access response when I'm trying to copy simple texts to my desktop ?
@HaxorTechTones
2 ай бұрын
Make sure to add the file name to the path you want the file to be uploaded, not only the dir.
@theoruiz-hidalgo2110
2 ай бұрын
@@HaxorTechTones It seems better but still not working, when I keep my hard disk name it says : the generic path isn't resolved when I just type the path from /users, as you did, it says : non-conforming character (translate from french, hope you will get it :/)
@theoruiz-hidalgo2110
2 ай бұрын
Ok just got it !!! The problem was that I kept writing the full path, like I was in C:/Users/TheGuyIAm and I kept writing C:/Users/TheGuyIAm/Desktop/TheFileIWant when I should have written /source_path \desktop\TheFileIWant
@theoruiz-hidalgo2110
2 ай бұрын
@@HaxorTechTones And thx ! You're the best !
@theoruiz-hidalgo2110
2 ай бұрын
One last question, I tried connecting to an FTP server using Villain but kept blocking at the connection step, is it normal or ?
I need help. After uploading the payload to the powershell it won't establish the connection, it doesn't show the message:"Backdoor session established on ...".Does it only happen to me? Someone help me pls.
@philxdes1573
11 ай бұрын
im having the same issue, have you figured it out?
@adamouassar1859
11 ай бұрын
@@philxdes1573 The problem was that I had a bad configuration of kali linux in virtual studio code. Try going to the settings of the machine, to the network option and change the first option to bridge adapter.
does it support the single payload works for many victims as it previously supports only 1 payload 1 victim as far as i know
@johnazure
Жыл бұрын
i dont think so...
@HaxorTechTones
Жыл бұрын
You can use TCP socket based reverse shell commands to do that, those are reusable. The hoaxshell ones are one timers
Dude you doing great.. But how can we maintain persistent.. If we don't make persistent..then there is nothing in this tool.. Please tell me how can we maintain persistent
My villain isn't working 😢 It doesn't get a reverse shell
Hey bro your work is awesome... Can you please tell me how to persistent it.. How can we get connection afer reboot victim pc.. Thank you
@HaxorTechTones
Жыл бұрын
Hey, thanks! That's kind of complex to pull off. I might make a video about it in the future :)
@Alexander-rj8he
Жыл бұрын
@@HaxorTechTones thanks bro😃
well done do you accept pull requests?
@HaxorTechTones
11 ай бұрын
Hi, thanks! Currently, I don't. kind of figuring out the direction of the project.
sir, it is still detecting generate powershell. But i like your video.
ok now we need how to bypass antivirus.
@HaxorTechTones
Жыл бұрын
kzread.info/dash/bejne/maaHpMaTlLjfkZM.html
sir port forwarding
Hello! is there a way to download stuff from the victim pc? I tried everything but couldn't maybe I just suck :*)
@HaxorTechTones
9 ай бұрын
Hi, in an automated manner, like, "download /path/to/file", not yet unfortunately, but the feature will be added in a future update :)
@thepilotsparrow
9 ай бұрын
@@HaxorTechTonesYoooo! You are the best
obfuscate don t work anymore, can you say me tools for this?
Sir, why can't I upload files?
Can we download files from the backdoor system?
@HaxorTechTones
Жыл бұрын
not yet ¯\_(ツ)_/¯
@osmanali176
Жыл бұрын
@@HaxorTechTones ok bro
@osmanali176
Жыл бұрын
Can we download files using the shell?
@johnazure
Жыл бұрын
@@osmanali176 you can do it manually from within powershell... you can make a script that uploads files to dropbox using dropbox api... theres a tutorial here youtube.
@osmanali176
Жыл бұрын
@@johnazure can you share me the link?
It this work over internet by ngrok or something
@hellresistor
3 ай бұрын
dig a little bit ;)
if victom pc restart will vilain still work plz anwser ??
@HaxorTechTones
Жыл бұрын
No, you would have to work on persistence by e.g., injecting a malicious periodically executed task or backdoor a startup service. The content on this channel is for authorized assessments. Don't try weird monkey stuff against machines you do not have permission to test.
@hackerworld391
Жыл бұрын
@@HaxorTechTones i know i just ask and im 14 year im begener in hacking can if a make that file auto run file
How can we bypass Anti-virus as these payloads are detecting it?
@HaxorTechTones
Жыл бұрын
The trick is to edit the payload templates and replace the commands with obfuscated versions of them. I'll make a how-to video about it soon.
@osmanali176
Жыл бұрын
@@HaxorTechTones thanks bro I am waiting for it😁
buddy you need to add channel tags to get views
@HaxorTechTones
Жыл бұрын
👍
Pal if you don’t mind can I have the old version of villain pls?
@HaxorTechTones
Жыл бұрын
You are breaking my heart. Why?
@RAVEN---
Жыл бұрын
Nothing like that I just want the older version
@RAVEN---
Жыл бұрын
I am just more comfortable with the older one that’s all
@RAVEN---
Жыл бұрын
@t3l3machus so can I have it...
@HaxorTechTones
Жыл бұрын
I will add it in the github "releases" soon
you are amazing!!! How can upload to remote file path with blank spaces? = upload /localpath/text.txt emotepath\blank space\text.txt?
why am i getting this error when I try to do the same ? At line:1 char:1 + Start-Process $PSHOME\powershell.exe -ArgumentList {$client = New-Obj ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This script contains malicious content and has been blocked by your antivirus software. + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException + FullyQualifiedErrorId : ScriptContainedMaliciousContent
@HaxorTechTones
Жыл бұрын
Because the payload is getting caught by your anti-virus. Check out this video on how to bypass it -> kzread.info/dash/bejne/maaHpMaTlLjfkZM.html