t3l3machus / Villain

Villain is a high level stage 0/1 C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

How to execute the payload through cmd #56

Closed ithebesha closed 1 year ago

ithebesha commented 1 year ago

Hello

It's a really powerful tool, I loved it so much.

Can you give an example if I want to execute the payload through cmd?

for example

CMD> powershell -command " 'payload' "

t3l3machus commented 1 year ago

@ithebesha

  1. Generate a Windows payload with Villain.
  2. Go to https://www.base64encode.org/, paste the payload, at the "Destination character set" option choose "UTF-16LE" and hit Encode.
  3. Copy the base64 output. You can use that in cmd like: powershell -e <BASE64 OUTPUT>

ithebesha commented 1 year ago

@t3l3machus

I tried the same but it's not showing any sessions in Villain.

t3l3machus commented 1 year ago

I'm pretty sure this works, there must be something else going on if you don't see a session. Maybe you tried it with a used payload (the hoaxshell type of payloads are not reusable)? Maybe a mistake with the IP address to connect back? This solution works, try some more, you'll get it.
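
Seen from the defender's side, the `powershell -e <BASE64 OUTPUT>` form discussed in this thread can be reversed straight from process-creation logs, because the argument is only base64 over UTF-16LE text. The Python below is an added example, not code from Villain or from the commenters; the function names, keyword list and sample command lines are constructed for illustration.

```python
import base64
import re

# Substrings worth an analyst's attention in a decoded script (illustrative, constructed list).
SUSPICIOUS = ("invoke-expression", "invoke-webrequest", "invoke-restmethod",
              "downloadstring", "tcpclient")

def decode_encoded_command(cmdline):
    """Return the script behind powershell -e/-enc/-EncodedCommand (base64 of UTF-16LE), else None."""
    if not re.search(r"(?i)\b(?:powershell|pwsh)(?:\.exe)?\b", cmdline):
        return None
    tokens = cmdline.split()
    for i, tok in enumerate(tokens[:-1]):
        flag = tok[1:].lower()
        # PowerShell accepts any prefix of -EncodedCommand, plus the -ec alias.
        if tok[0] in "-/" and flag and ("encodedcommand".startswith(flag) or flag == "ec"):
            blob = tokens[i + 1].strip("\"'")
            try:
                return base64.b64decode(blob, validate=True).decode("utf-16-le")
            except ValueError:  # bad base64, or odd-length/invalid UTF-16LE
                return None
    return None

def triage(cmdlines):
    """Decode every encoded PowerShell command line and list keyword hits."""
    findings = []
    for line in cmdlines:
        script = decode_encoded_command(line)
        if script is not None:
            hits = [k for k in SUSPICIOUS if k in script.lower()]
            findings.append({"decoded": script, "ascii": script.isascii(), "hits": hits})
    return findings

def _b64(text, charset="utf-16-le"):
    """Build a constructed sample argument for the log lines below."""
    return base64.b64encode(text.encode(charset)).decode()

# Constructed process-creation command lines (192.0.2.10 is a documentation address).
SAMPLE_LOG = [
    "powershell -e " + _b64("Invoke-WebRequest -Uri http://192.0.2.10/ -UseBasicParsing"),
    "powershell.exe -NoProfile -EncodedCommand " + _b64("Get-Date"),
    "powershell -ExecutionPolicy Bypass -File C:\\Temp\\report.ps1",
    "cmd.exe /c echo -e " + _b64("Get-Date"),
    "powershell -enc " + _b64("Get-Date", "utf-8"),  # wrong charset: decodes to non-ASCII
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A decoded result with `ascii` set to False usually means the blob was not UTF-16LE text, so it deserves a manual look rather than a keyword match.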