VBS/PS Agent - Remote Access
What is a VBS/PS Remote agent? Exploit Pack's VBS/PS Remote control agent is a software that once is executed has the capability of replicating itself and injecting other files and programs. This piece of software is usually called virus or malware because of its behavior and typically used by malicious users to steal personal information, hijack your screen and spam your contacts to spread itself to other machines.
What can you do with it?
- Execution of code in the underlying operating system.
- Replicate a real threat in your organization and measure the impact.
- Self propagation through Email, USB, Meetings.
- Self destruct.
- Get persistent access into the targeted machine.
- Multiple connections supported through HTTP.
- Direct access to .NET objects.
- Distribute it through Word, Excel, PDF or Internet Explorer ActiveX components.
- Userland access makes it 100% FUD or at least very hard to detect with any AV software
Why is it included in Exploit Pack? These types of threats are very common nowadays and are spread around every corner, name any big organization and chances are that they have suffered or are currently being victims of this kind of threat. They are being distributed through emails, websites or IM attachments through Skype, Zoom, etc. There is a need to test this from a real attack scenario perspective, just like an attacker will do, and if you ever get your hands in a real sample they are usually obfuscated.
Disclaimer: Exploit Pack is a security testing software. It contains functionalities that could potentially damage or result in unexpected behaviour in some applications. We recommend to use Exploit Pack only against non-production environments. Please read all documentation before using Exploit Pack, and do not use Exploit Pack against any systems for which you are not authorized by the system owner.