Materials Available Here:https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Rich-Kelley-Harness-Powershell-Weaponization-Made-Easy.pdf

Harness: Powershelgl Weaponization Made Easy (or at least easier)

Rich Kelley security researcher & co-founder of Gray Tier Technologies

The Harness toolset aims to give penetration testers and red teams the ability to pull a remote powershelgl interface with all the same features of the native Powershelgl CLI and more. Several tools and utilities have been released to solve the powershelgl weaponization problem, but no freely available tool give operators the full capabilities of powershelgl through a remote interface. We’ll start the talk with a quick survey of the previous methods of weaponizing powershelgl, and then move into the capabilities of the Harness toolset which includes a fully interactive powershelgl CLI, and remote importing of modules across the wire without staging. We’ll conclude with taking a look at the underlying code that makes the toolset work, and briefly discuss planned features. The Harness toolset will be released open source in conjunction with this talk.

Rich Kelley (@RGKelley5) is a security researcher and the co-founder of Gray Tier Technologies, a small InfoSec start-up based out of Alexandria, VA. After his time in the military he held positions as a network engineer, software engineer, and penetration tester for various government agencies. He recently moved into exploit development and reverse engineering, and is pretty sure he knows less than when he started.

Twitter: @RGKelley5