Posts: 39
Threads: 11
Joined: Jun 2023
Jun 29, 2023, 04:44 PM
(This post was last modified: Jun 29, 2023, 05:05 PM by azathothunlimited.)
Queso is an information-centered tool inspired by Blank-Grabber. It is designed to disguise itself inside an executable file so it can collect data on a target's machine and local network.
The Queso Project is in active development and providing feedback is encouraged. If you would like to contribute to the codebase, please contact @azathothunlimited.
Current Capabilities
- Simple privilege escalation
- Disabling Windows Defender / Windows Firewall
- Stealing and decrypt browser passwords
- Performing network scans
Development Priorities
- Rootkit tools
- Reverse shell
- Better admin escalation
Posts: 1
Threads: 0
Joined: Jun 2023
(Jun 29, 2023, 04:44 PM)azathothunlimited Wrote: Queso is an information-centered tool inspired by Blank-Grabber. It is designed to disguise itself inside an executable file so it can collect data on a target's machine and local network.
The Queso Project is in active development and providing feedback is encouraged. If you would like to contribute to the codebase, please contact @azathothunlimited.
Current Capabilities
- Simple privilege escalation
- Disabling Windows Defender / Windows Firewall
- Stealing and decrypt browser passwords
- Performing network scans
Development Priorities
- Rootkit tools
- Reverse shell
- Better admin escalation
nice
Posts: 394
Threads: 69
Joined: Jun 2023
Jun 29, 2023, 11:27 PM
(This post was last modified: Jun 29, 2023, 11:27 PM by jahy.)
SERVICES NOT HQ 
Posts: 6
Threads: 2
Joined: Jun 2023
sounds cool, what is method of priv esc?
Posts: 39
Threads: 11
Joined: Jun 2023
Jun 29, 2023, 11:53 PM
(This post was last modified: Jun 29, 2023, 11:54 PM by azathothunlimited.)
(Jun 29, 2023, 11:28 PM)LeakBay Wrote: sounds cool, what is method of priv esc?
I adopted two methods already present in Blank-Grabber that utilize fodhelper and computerdefaults respectively. Both work by setting the registry key at hkcu\Software\Classes\ms-settings\shell\open\command to DelegateExecute.
Posts: 6
Threads: 2
Joined: Jun 2023
(Jun 29, 2023, 11:53 PM)azathothunlimited Wrote: (Jun 29, 2023, 11:28 PM)LeakBay Wrote: sounds cool, what is method of priv esc?
I adopted two methods already present in Blank-Grabber that utilize fodhelper and computerdefaults respectively. Both work by setting the registry key at hkcu\Software\Classes\ms-settings\shell\open\command to DelegateExecute.
hmm very interesting, you're definitely skilled at this malware stuff you should try make some malware in another language like c++ or c# . keep it up dude
Posts: 25
Threads: 2
Joined: Jun 2023
Posts: 8
Threads: 0
Joined: Jul 2023
Posts: 60
Threads: 1
Joined: Aug 2023
Posts: 69
Threads: 4
Joined: Aug 2023
Seems like an interesting project, I'm rooting for you! Can't wait to see it's evolution
|
