Information security professionals explain that Harness is the remote access payload with the ability to provide a remote interactive PowerShell interface from a Windows system to almost any TCP socket. The goal of the Harness Project is to provide a remote interface with the capabilities and feel of the native PowerShell executable included with the Windows operating system.
Some payload characteristics are:
- Remote PowerShell CLI
- Multiple line command processing similar to native PowerShell.exe
- Supports remote import of PowerShell modules without additional stages (requires backup driver)
- Unmanaged payload allows you to bypass the whitelist
- The reflective payload allows the payload to be injected into other processes
About the installation: Harness is included in a Python framework. Python 3.4+ is indispensable because the driver is implemented in the asyncio library.
For Python3.4 as an alternative installation, you can execute the following commands:
wget https://python.org/ftp/python/3.4.3/Python-3.4.3.tar.xz
tar xf Python-3.4.3.tar.xz
cd Python-3.4.3
./configure –prefix = / usr / local –enable-shared LDFLAGS = “- Wl, -rpath / usr / local / lib”
make && make altinstall
In addition to Python, the installation requires you to unzip the Harness folder in the location you choose, says the information security expert. The framework has only been tested on Kali Linux and was not designed for Windows. Start Harness:
cd / harness
python3.4 harness.py
- Payload
- Added: sleep command to schedule callbacks
- Added: SSL comms
- Implemented (partial) PromptForCredentials method
- Implemented: Readline method
- Fix: write-error
- Fix: write-debug
- Implemented: PromptForChoice method
- Implemented: Prompt method
- General code cleanup
- Fix: remotely imported modules now required to be base64 encoded to avoid script corruption
- Client
- General clean-up
- Output tables not left justified
- modules & options now stored in OrderedDict
Source: https://github.com/Rich5
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.
