PowerHub is a web application which aids a pentester in transferring files, in particular, code which may get flagged by endpoint protection.
The web application is made with Flask and consists of three parts.
The hub uses PowerShell to load modules and binaries in memory. The binaries can be executed directly from memory with PowerSploit’s
Modules have to be placed in
./modules and can be either PowerShell scripts, PE executables, or shellcode. You can load them on the target via PowerShell with
Help-PowerHub for more information.
PowerHub on the attacker system simply looks for
*.exe files. They need to be in their respective directory, though, so
exe files need to be in
modules/exe (or at least symlinked), and so forth. The
*.ps1 files are imported on the target via
The clipboard functionality is meant for exchanging small snippets, such as hashes, passwords, one liners, and so forth. It’s like an extremely basic etherpad.
The file exchange offers a way to transfer files via HTTP back to the host. Think Droopy.
git clone https://github.com/AdrianVollmer/PowerHub.git
PowerHub has one mandatory argument: the callback host (can be an IP address). This hostname is used by the stager to download the payload. If the callback port or path differs from the default, it can also be changed.
Copyright (c) 2018-2019, Adrian Vollmer