Kautilya v0.4.5 Released

Kautilya is a toolkit which provides various payloads for Teensy device which may help in breaking in a computer. The toolkit is written in Ruby.

  • The Windows payloads and modules are written mostly in powershell (in combination with native commands) and are tested on Windows 7.
  • The Linux payloads are mostly commands in combination with little Bash scripting. These are tested on Ubuntu 11.
  • The OS X payloads are shell scripts (those installed by default) with usage of native commands. Tested on OS X Lion running on a VMWare.

Changelog v0.4.5

  • Bug fixes and improvements in Time Based Exec. It now supports exfiltration and could be stopped remotely.
  • Less lines of code for HTTP Backdoor and Download Execute PS.
  • HTTP Backdoor, Download Execute PS, Hashdump and Exfiltrate and Dump LSA Secrets now execute the downloaded script in memory.
  • Shortened parameters passed to powershell.exe when the scripts are called. Thus, saving the time in “typing” by HID.
  • Added two new exfiltration options, POST requests and DNS TXT records.
  • Username and password for exfiltration would be asked only if you select gmail or pastebin.
  • Tinypaste as an option for exfiltration has been removed.
  • Payloads have been made more modular which results in smaller size.
  • Reboot Persistence has been added to HTTP Backdoor and DNS TXT Backdoor.
  • Menu redesign.
  • Bug fix in Dump LSA Secrets payload.
  • Added ./extras/Decode.ps1. Use this to decode data exfiltrated by HTTP Backdoor and DNS TXT Backdoor.
  • Added ./extras/Remove-Persistence.ps1. Use this to remove persistence by Keylogger, HTTP Backdoor and DNS TXT Backdoor.
  • Kautilya could be run on Windows if win32console gem is installed.

More Information: here

Download Kautilya v0.4.5

Thanks to our friend Nikhil “SamratAshok” Mittal, for sharing this tool with us. 😉


www.artssec.com @maxisoler