PoshC2_Python/changelog.txt

4.7 (03/02/19)
Added Opsec.py to allow users to state various command that they DO NOT want to run
Added Alias.py to allow users to have their own alias for various commands
Fixed HTML output to sort formatting once again

4.6 (26/12/18)
==============
Updated quickcommand on restart with new IP address
re-print quickstart when restarting C2Server.py
Updated migrate command in implant handler & added Escape for HTML output
Major refector of the portscanner by rolen
Fixed proxy payloads for powershell implant
Updated tasks command
Fixed linuxprivchecker to work through a proxy
Fixed config output for Apache rewrite rules by console
Added ability to load and execute LinuxPrivChecker in memory on *nix by pwndexter
Updated Core DLL for Sharp implant
Updated kill-implant options on Sharp implant
Added Sharp Implant and corresponding DLLs/Shellcode

4.5 (19/11/18)
==============
Removed Invoke-Enum
Merged Get-TokenElevationType.ps1 by jmhickman
Added TLS Config to Python Server
Updated README
Updated Get-IPAddress
Merged OfflineReportGenerator.py by skahwah
Updated to latest PowerUp.ps1
Updated INSTALL notes
Updated to work with FIPSAlgorithmPolicy
Updated to latest Invoke-Kerberoast & Invoke-Mimikatz
Removed process start for Netsh.exe on non migrate executable

4.4 (10/11/18)
==============
Inject Shellcode 32bit to 6bit using https://github.com/Coder666/Invoke-CreateRemoteThread64
Added simple Get-IPConfig cmdlet
Updated to include most recent commits
Updated to add option to upload file that is not Hidden & System
Identify if SSL inspection is enabled for web traffic
Obtain a user hash using the methods from 'Internal-Monologue'
Updated to handle accents on hostnames or users
Updated Get-Processfull & Get-Processlist to handle errors on GetOwner()
Updated syntax error in WMIEvent module
Updated Shellcode/DLL to support scriptblock / transcript bypass
Updated default ps command - Now uses Get-ProcessList not Get-ProcessFull
Updated opsec command to add users compromised
Removed sleep as beacon command - set-beacon, beacon or setbeacon
Updated Unhook-AMSI (https://0x00-0x00.github.io/research/2018/10/28/How-to-bypass-AMSI-and-Execute-ANY-malicious-powershell-code.html)
Removed html and replaced with cgi requirement for HTML encoding on output-to-html
Updated print statements in C2Server,ImplantHandler & AutoLoads in preperation for Python3
Updated output-to-html to escape HTML characters

4.3 (27/10/18)
==============
Updated HTML Output for Implants.html
Updated OPSEC command for persistence
Updated Implant Naming Convention to use [Security.Principal.WindowsIdentity]::GetCurrent()).name
Updated ImplantHandler new User Idenfication for Primary Token Use
Updated Invoke-RunAs under SYSTEM with CreateProcessAsUser
Updated Implant-Core process list to use get-processlist function (pinvoke - CreateToolhelp32Snapshot)
Updated autoloads for cmdlets which were missing
Added standalone msbuild.xml output format to payloads.py
Update Msbuild.xml to work with Windows10 64bit (replaced mem.copy to WriteProcessMemory)
Updated Inject-Shellcode to remove processpath and leave procpath
Added Get-ProcessList Module which uses winapi to do ps list (pinvoke - CreateToolhelp32Snapshot)
Added QueueUserAPC to Inject-Shellcode (migrate -Suspended -QueueUserAPC)
Merge pull request #6 from m0rv4i/update-script
Updated Inject-Shellcode base directory to /proj/payloads
Updated output-to-html to Encode HTML Chars
Updated show-serverinfo
Added CSC output format to payloads.py
Added List-URLs Command to DB
Updated CredPopper puts default username and has minimum password limit
Minor changes to documentation

4.2
====
m0rv4i modified update.sh to stash git changes
m0rv4i added laps command from ImplantHandler to autoload
m0rv4i added Get-LAPSPasswords.ps1

4.1
====
Updated Python Implant to Work with createnewpayload
Removed Error on Time
Added WMIEvents and Incorporated Invoke-SMBClient
Added MSBuild Files to PoshC2
Updated to Include Pushover API
Added KillDate to Python Implant
Updated Get-Keystrokes
Added Hide-Implant Mac
Added Hash Verification on Python Downloader
Added Loadodule and Python execution to Mac
Update get-keystrokes
Added get-keystrokes for Mac
Added Error Handling Mac
Updated Opsec for Persistence Files
Updated Persistence Comment
Updated Persistence Status
Added Crontab Persistence and Download-File for Mac
Updated SMBExec/WMIExec Password Options not to use Add-Type
Added Python Downloader
Updated startanotherimplant
Updated Kill Implant OSx
Updated Pbind
Updated OSX for StartAnotherImplant
Updated Help for OSX
Added Domain Fronting for OSx Implant
Updated Posh EXE Downloader
Updated InstallEXE-Persistence
Added Screenshot Mac OSX
Updated to remove requirement for pycrypto for Python implants
Updated Brute-AD to Add Domain Flag
Updated Brute-AD Module
Updated to include AMSI Bypass
Updated PoshC2 to have the AMSI bypass by default in the Shellcode
v4.7 - fixes and updates 2019-02-03 19:50:40 +00:00			`4.7 (03/02/19)`
			`Added Opsec.py to allow users to state various command that they DO NOT want to run`
			`Added Alias.py to allow users to have their own alias for various commands`
			`Fixed HTML output to sort formatting once again`

Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00			`4.6 (26/12/18)`
			`==============`
v4.7 - fixes and updates 2019-02-03 19:50:40 +00:00			`Updated quickcommand on restart with new IP address`
			`re-print quickstart when restarting C2Server.py`
			`Updated migrate command in implant handler & added Escape for HTML output`
			`Major refector of the portscanner by rolen`
			`Fixed proxy payloads for powershell implant`
			`Updated tasks command`
			`Fixed linuxprivchecker to work through a proxy`
			`Fixed config output for Apache rewrite rules by console`
			`Added ability to load and execute LinuxPrivChecker in memory on *nix by pwndexter`
			`Updated Core DLL for Sharp implant`
			`Updated kill-implant options on Sharp implant`
Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00			`Added Sharp Implant and corresponding DLLs/Shellcode`

Added 32bit -> 64bit migration using https://github.com/Coder666/Invoke-CreateRemoteThread64 2018-11-19 19:38:53 +00:00			`4.5 (19/11/18)`
			`==============`
Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00			`Removed Invoke-Enum`
			`Merged Get-TokenElevationType.ps1 by jmhickman`
			`Added TLS Config to Python Server`
			`Updated README`
			`Updated Get-IPAddress`
			`Merged OfflineReportGenerator.py by skahwah`
			`Updated to latest PowerUp.ps1`
			`Updated INSTALL notes`
			`Updated to work with FIPSAlgorithmPolicy`
			`Updated to latest Invoke-Kerberoast & Invoke-Mimikatz`
			`Removed process start for Netsh.exe on non migrate executable`
Added 32bit -> 64bit migration using https://github.com/Coder666/Invoke-CreateRemoteThread64 2018-11-19 19:38:53 +00:00
			`4.4 (10/11/18)`
			`==============`
			`Inject Shellcode 32bit to 6bit using https://github.com/Coder666/Invoke-CreateRemoteThread64`
			`Added simple Get-IPConfig cmdlet`
			`Updated to include most recent commits`
			`Updated to add option to upload file that is not Hidden & System`
			`Identify if SSL inspection is enabled for web traffic`
			`Obtain a user hash using the methods from 'Internal-Monologue'`
			`Updated to handle accents on hostnames or users`
			`Updated Get-Processfull & Get-Processlist to handle errors on GetOwner()`
Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00			`Updated syntax error in WMIEvent module`
Added 32bit -> 64bit migration using https://github.com/Coder666/Invoke-CreateRemoteThread64 2018-11-19 19:38:53 +00:00			`Updated Shellcode/DLL to support scriptblock / transcript bypass`
			`Updated default ps command - Now uses Get-ProcessList not Get-ProcessFull`
			`Updated opsec command to add users compromised`
			`Removed sleep as beacon command - set-beacon, beacon or setbeacon`
			`Updated Unhook-AMSI (https://0x00-0x00.github.io/research/2018/10/28/How-to-bypass-AMSI-and-Execute-ANY-malicious-powershell-code.html)`
'Updated changelog' 2018-10-27 19:01:07 +00:00			`Removed html and replaced with cgi requirement for HTML encoding on output-to-html`
			`Updated print statements in C2Server,ImplantHandler & AutoLoads in preperation for Python3`
			`Updated output-to-html to escape HTML characters`

Added 32bit -> 64bit migration using https://github.com/Coder666/Invoke-CreateRemoteThread64 2018-11-19 19:38:53 +00:00			`4.3 (27/10/18)`
			`==============`
'Added changelog.txt to track changes for future versions' 2018-10-27 17:49:46 +00:00			`Updated HTML Output for Implants.html`
			`Updated OPSEC command for persistence`
			`Updated Implant Naming Convention to use [Security.Principal.WindowsIdentity]::GetCurrent()).name`
			`Updated ImplantHandler new User Idenfication for Primary Token Use`
			`Updated Invoke-RunAs under SYSTEM with CreateProcessAsUser`
			`Updated Implant-Core process list to use get-processlist function (pinvoke - CreateToolhelp32Snapshot)`
			`Updated autoloads for cmdlets which were missing`
			`Added standalone msbuild.xml output format to payloads.py`
			`Update Msbuild.xml to work with Windows10 64bit (replaced mem.copy to WriteProcessMemory)`
			`Updated Inject-Shellcode to remove processpath and leave procpath`
			`Added Get-ProcessList Module which uses winapi to do ps list (pinvoke - CreateToolhelp32Snapshot)`
Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00			`Added QueueUserAPC to Inject-Shellcode (migrate -Suspended -QueueUserAPC)`
			`Merge pull request #6 from m0rv4i/update-script`
'Added changelog.txt to track changes for future versions' 2018-10-27 17:49:46 +00:00			`Updated Inject-Shellcode base directory to /proj/payloads`
			`Updated output-to-html to Encode HTML Chars`
			`Updated show-serverinfo`
			`Added CSC output format to payloads.py`
			`Added List-URLs Command to DB`
Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00			`Updated CredPopper puts default username and has minimum password limit`
'Added changelog.txt to track changes for future versions' 2018-10-27 17:49:46 +00:00			`Minor changes to documentation`

			`4.2`
			`====`
			`m0rv4i modified update.sh to stash git changes`
			`m0rv4i added laps command from ImplantHandler to autoload`
			`m0rv4i added Get-LAPSPasswords.ps1`

			`4.1`
			`====`
			`Updated Python Implant to Work with createnewpayload`
			`Removed Error on Time`
			`Added WMIEvents and Incorporated Invoke-SMBClient`
			`Added MSBuild Files to PoshC2`
			`Updated to Include Pushover API`
			`Added KillDate to Python Implant`
			`Updated Get-Keystrokes`
			`Added Hide-Implant Mac`
			`Added Hash Verification on Python Downloader`
			`Added Loadodule and Python execution to Mac`
			`Update get-keystrokes`
			`Added get-keystrokes for Mac`
			`Added Error Handling Mac`
			`Updated Opsec for Persistence Files`
			`Updated Persistence Comment`
			`Updated Persistence Status`
			`Added Crontab Persistence and Download-File for Mac`
			`Updated SMBExec/WMIExec Password Options not to use Add-Type`
			`Added Python Downloader`
			`Updated startanotherimplant`
			`Updated Kill Implant OSx`
			`Updated Pbind`
			`Updated OSX for StartAnotherImplant`
			`Updated Help for OSX`
			`Added Domain Fronting for OSx Implant`
			`Updated Posh EXE Downloader`
			`Updated InstallEXE-Persistence`
			`Added Screenshot Mac OSX`
			`Updated to remove requirement for pycrypto for Python implants`
			`Updated Brute-AD to Add Domain Flag`
			`Updated Brute-AD Module`
			`Updated to include AMSI Bypass`
Added CSharp Implant/Dll/Shellcode - More functionality coming soon 2018-12-27 12:10:46 +00:00			`Updated PoshC2 to have the AMSI bypass by default in the Shellcode`