VBS/PS Agent - Remote Access

What is a VBS/PS Remote agent? Exploit Pack's VBS/PS Remote control agent is a software that once is executed has the capability of replicating itself and inject other files and programs. This piece of software is usually called virus or malware because of its behavior and tipically used by malicious users to steal personal information, hijack your screen and spam your contacts to spread itself to other machines.

What can you do with it?

  • Execution of code in the underlying operating system.

  • Replicate a real threat in your organization and measure the impact.

  • Self propagation trough Email, USB, Meetings.

  • Self destruct.

  • Get persistant access into the targeted machine.

  • Multiple connections supported trough HTTP.

  • Direct access to .NET objects.

  • Distribute it trough Word, Excel, PDF or Internet Explorer ActiveX components.

  • Userland access makes it 100% FUD or at least very hard to detect with any AV software

Why is it included in Exploit Pack? This type of threats are very common nowadays and are spread around every corner, name any big organization and chances are that they have suffered or are currently being victims of this kind of threat. They are being distributed trough emails, websites or IM attachments trough Skype, Zoom, etc. There is a need to test this from a real attack scenario perspective, just like an attacker will do, and if you ever get your hands in a real sample they are usually obfuscated.