July 15, 2015
Magic Unicorn v2.0 Released
Written by
David Kennedy
Penetration Testing
Security Testing & Analysis
Magic Unicorn v2 has just been released. This new version incorporates some significant improvements and multiple new attack vectors. First, the payload delivery system has been revamped to allow larger Metasploit-based payloads such as http/https, which allows native PowerShell injection.
Additionally, there have been improvements to the help format, usage, and the macro attack vector, which will now also leverage larger payloads such as meterpreter reverse_http/https. The macro attacks now work on older and newer versions of Office-based products that support macro injection.
Additionally, I've incorporated a new web attack vector within Unicorn called the HTA Attack Vector (thanks, Justin Elze), which utilizes PowerShell injection through HTA extensions and can be used through IE, Firefox, etc. for remote compromise.
Lastly, there's a new attack vector called Certificate to Binary, which was introduced recently by Matthew Graeber (so awesome). This attack vector will import any binary you need, convert it to base64, and allow you to convert it back to a binary through the certutil method on any Windows-based operating system.
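A defender-side check for the Certificate to Binary technique described above, as an added example that is not part of Unicorn or the original post: it flags files wearing certificate armor whose decoded content is a Windows executable rather than a certificate. It assumes the base64 is wrapped in the BEGIN/END CERTIFICATE armor that certutil's encode verb writes; the function names and sample bytes are constructed for illustration.

```python
import base64
import re
import struct

# PEM armor as written by certutil's encode verb (assumption: the staged file uses it).
PEM_BLOCK = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.DOTALL
)


def classify_pem_block(body: bytes) -> str:
    """Return 'x509-like', 'pe-executable', or 'unknown' for one armored body."""
    try:
        raw = base64.b64decode(b"".join(body.split()), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return "unknown"
    # A DER certificate is an ASN.1 SEQUENCE, so its first byte is the 0x30 tag.
    if raw[:1] == b"\x30":
        return "x509-like"
    # A PE file starts with 'MZ'; e_lfanew at offset 0x3C points at 'PE\0\0'.
    if raw[:2] == b"MZ" and len(raw) >= 0x40:
        (pe_off,) = struct.unpack_from("<I", raw, 0x3C)
        if raw[pe_off:pe_off + 4] == b"PE\x00\x00":
            return "pe-executable"
    return "unknown"


def scan(data: bytes) -> list[str]:
    """Classify every certificate-armored block found in a file's bytes."""
    return [classify_pem_block(m.group(1)) for m in PEM_BLOCK.finditer(data)]


def _armor(raw: bytes) -> bytes:
    """Wrap raw bytes in certificate armor (helper for the constructed samples)."""
    b64 = base64.encodebytes(raw)  # 76-character lines, newline-terminated
    return b"-----BEGIN CERTIFICATE-----\n" + b64 + b"-----END CERTIFICATE-----\n"


# Constructed samples: a minimal DOS/PE header stub and a fake DER prefix.
_stub = bytearray(0x48)
_stub[0:2] = b"MZ"
struct.pack_into("<I", _stub, 0x3C, 0x40)
_stub[0x40:0x44] = b"PE\x00\x00"
SAMPLE_PE = _armor(bytes(_stub))
SAMPLE_CERT = _armor(b"\x30\x82\x01\x0a" + b"\x00" * 32)

if __name__ == "__main__":
    print(scan(SAMPLE_PE + SAMPLE_CERT))
```

The first-byte test for a certificate is deliberately coarse; a block classified as `pe-executable` is the signal worth alerting on, since a genuine certificate never decodes to an MZ/PE header.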
For a full explanation and how to use each one of these attack vectors, check out the new video created just for this release below.
You can download Magic Unicorn v2 from GitHub: https://github.com/trustedsec/unicorn

This blog post was written by David Kennedy (@HackingDave) - CEO of TrustedSec. Image of Unicorn man courtesy of Kevin Finisterre (@d0tslash).