Awesome
Javascript-Backdoor(JSRat)
It is my mistake of naming and the accurate name of this should be JSRat.
Learn from Casey Smith @subTee
https://gist.github.com/subTee/f1603fa5c15d5f8825c0
Blog about it:
《JavaScript Backdoor》
http://en.wooyun.io/2016/01/18/JavaScript-Backdoor.html
《JavaScript Phishing》
http://en.wooyun.io/2016/02/04/42.html
《Use SCT to Bypass Application Whitelisting Protection》
http://en.wooyun.io/2016/04/23/Use_SCT_to_Bypass_Application_Whitelisting_Protection.html
Other nice github:
https://github.com/subTee/PoshRat
https://github.com/Hood3dRob1n/JSRat-Py
Update:
[+] Fix the time-out bug and some other bugs.
[+] Get rid of the cmd black box.
[+] Hide the "systeminfo" black box.
[-] Leave a bug in Upload and Download Mode.
[+] Add code to work behind a proxy server.
[+] Add the way of using sct to start it.
[+] Add the way of using wsc to start it.