AutoRDPwn v4.5 – The Shadow Attack Framework


AutoRDPwn is a script created in Powershell and designed to automate the Shadow assault on Microsoft Windows computer systems. This vulnerability permits a distant attacker to view his sufferer’s desktop with out his consent, and even management it on request. For its right operation, it’s essential to adjust to the necessities described within the consumer information.

Powershell or larger


Version 4.5
• New ninja type icon!
• Automatic cleansing of Powershell historical past after execution
• Now all dependencies are downloaded from the identical repository
• Many errors and bugs mounted
• UAC & AMSI bypass in 64-bit methods
• New module out there: Remote Desktop Caching
• New module out there: Disable system logs (Invoke-Phant0m)
• New module out there: Sticky Keys Hacking
• New out there module: Remote Desktop History
• New out there assault: Session Hijacking (passwordless)
WARNING! This assault could be very intrusive and may solely be used regionally
*The remainder of the adjustments may be consulted within the CHANGELOG file

This software can be utilized regionally, remotely or to pivot between computer systems. Thanks to the extra modules, it’s attainable to dump hashes and passwords and even get better the historical past of RDP connections.
One line execution:
powershell -ep bypass “cd $env:temp ; iwr -outfile AutoRDPwn.ps1 ; .AutoRDPwn.ps1″
The detailed information of use may be discovered on the following hyperlink:


Credits and Acknowledgments
Mark Russinovich for his device PsExec ->
HarmJ0y & Matt Graeber for his script Get-System ->
Stas’M Corp. for its RDP device Wrapper ->
Kevin Robertson for his script Invoke-TheHash ->
Benjamin Delpy for his device Mimikatz ->
Halil Dalabasmaz for his script Invoke-Phant0m ->

This software program doesn’t supply any type of assure. Its use is unique for instructional environments and / or safety audits with the corresponding consent of the consumer. I’m not chargeable for its misuse or for any attainable injury attributable to it.
For extra info, you may contact by [email protected]


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.