- Fix: When using
SeparateAMSI, the clipboard entry was ignored - Change: Use AES instead of slow RC4 after the AMSI bypass has been applied
- Add: Parameter
-OutFiletoRun-DotNETExe - Fix: Set default argument to
Run-DotNETExe - Add: static files view (@exploide)
- Add: Separate AMSI Bypass
- Fix: Defeat Defender
- Fix: Update socket.io
- Fix: Make compatible with PS2
- Fix: Bypass newest Windows Defender
- Change: Obfuscate more parts of the PowerShell stager
- Change: Always apply Rasta Mouse's AMSI bypass after the first bypass in order to make loading of assemblies possible
- Fix: Make
Get-SysInfomore robust in case a Cmdlet is missing
- New feature: Place everything but the modules and generated certificates in a workspace directory
- Change: Bypass new malware detection by Windows Defender
- New feature: Ability to generate payloads on the fly (exe, .NET, vbs)
- Change: Use bootstrap toasts instead of messages
- Change: Include more information in Get-SysInfo
- Change: Use AES instead of RC4 in some cases for more performance
- Change: Clean up dependencies and add
setup.py
- New feature: Ability to either open files in the File Exchange in browser or download them
- New feature: A 'static' directory, so PowerHub can be used to serve static files
- Fix: Things didn't work if
$XDG_DATA_HOMEwas non-empty
- New feature: Automatically load 'profile.ps1' from data home at the end of the payload
- New feature: Get-Loot transfers local credential information from the LSASS process, the SAM hive and other back to PowerHub
- New feature: executing clipboard entry content upon executing PowerHub on target
- New feature: Offer options in the download cradle builder
- New feature: Clipboard entries are now editable
- Let the user choose the AMSI bypass (several included)
- New feature: certificate pinning for self-sigend certs
- PushTo-Hub now encrypts the data before sending it
- Made the PowerShell code more idiomatic (look out for changes in Load-HubModule, Run-Exe, Run-Shellcode and Run-DotNETExe)
- Cleaned up the PowerShell output (#40)
- Removed the Receiver from the web interface, as the feature proved to be not ready yet
- Refactor some code for internal improvements
- Change WebDAV directory structure to allow for proper read/write access
- Move all user directories to
$XDG_DATA_HOME/.local/share/powerhubto enable usage on multi user systems - Return module object on Load-HubModule so it can be passed to Run-Exe and similar commands
- Add Save-HubModule
- Obfuscate reverse shell traffic
- Ensure PowerShell v2 compatibility
- On the event of an incoming shell, the entry is faded in nicely in the webapp. (#31)
- Made command line parameters more persistent: -p -> -lp -l -> -lh -u -> -up
- Use a random password if neither '--auth' nor '--no-auth' are given.
- Generate a self-signed certificate if the user does not provide one. This way, SSL/TLS can be enabled by default.