Share
## https://sploitus.com/exploit?id=F9513AE9-7BCE-5C49-8B17-5A09F91845EA
MSI-Explot-k4
> **Next-Gen Red Team Framework for MSI-Based Privilege Escalation**
Author: Nin Kanong (k4n0ng)
> [](LICENSE)
> [](https://www.python.org/)
> [](https://www.kali.org/)

## π Overview
**MSI-Exploit-k4** is a modular, enterprise-grade framework designed to exploit the **βAlways Install with Elevated Privilegesβ** Windows misconfiguration β allowing attackers to gain **SYSTEM-level access** via malicious `.msi` files β even when targeting **non-admin users**.
Built with **Python 3**, it supports **dual payload engines**, **AV evasion**, **multiple delivery methods**, and **auto-installation of dependencies** β making it ideal for **red team operations**, **penetration testing**, and **CTF challenges**.
---
## π Features
β
**Auto-installs Metasploit** if missing (Ubuntu/Kali compatible)
β
**Dual Payload Engines**:
βββ’ `msfvenom` (shell_reverse_tcp)
βββ’ `WiX + PowerShell` (AMSI-bypassing, Base64 obfuscated)
β
**Multiple Listeners**: Netcat, Socat, Python TCP
β
**AV Evasion**: `shikata_ga_nai`, Base64 obfuscation, AMSI bypass
β
**Flexible Delivery**: HTTP, HTTPS, SMB (coming soon)
β
**Victim Validation**: Auto-checks SMB connectivity & policy status
β
**Modular Architecture**: Easy to extend with new payloads or listeners
β
**Docker Support**: Run in containerized environments
β
**Professional Logging**: Session logs, error tracking, timestamps
β
**Cross-Platform Friendly**: Works on Kali, Ubuntu, WSL2
---
## Structure
````
MSI-Exploit-k4/
βββ msi_exploit.py # Main entry point
βββ core/
β βββ __init__.py
β βββ installer.py # Payload generation
β βββ listener.py # Netcat, Socat, Python TCP
β βββ delivery.py # HTTP/SMB hosting
β βββ evasion.py # Encoding, obfuscation
β βββ validator.py # Victim policy check
β βββ utils.py # Helpers, logging, IP detection
βββ payloads/
β βββ templates/
β β βββ reverse_nc.ps1
β β βββ custom.bat
β βββ generated/ # Auto-generated payloads
βββ templates/
β βββ wix/
β βββ product.wxs
βββ config/
β βββ default.yaml
βββ logs/
β βββ sessions/
βββ tests/
β βββ test_core.py
βββ Dockerfile
βββ requirements.txt
βββ setup.sh # One-click Kali setup
βββ README.md
βββ LICENSE
````
## π οΈ Requirements
- **Operating System**: Kali Linux (recommended), Ubuntu 20.04+, or WSL2
- **Python**: 3.8+
- **Tools**: `docker`, `netcat-openbsd`, `python3-pip`
- **Optional**: `socat` for advanced listeners
> π‘ No root required for most operations β except HTTP server (port 80).
---
## π Quick Start
### 1. Clone the Repository
````
git clone https://github.com/Nin-Kanong/MSI-Exploit-k4.git
cd MSI-Exploit-k4
````
> **Next-Gen Red Team Framework for MSI-Based Privilege Escalation**

## π₯ Features
- β
**Auto-installs Metasploit** if missing
- β
**Dual payload engines**: `msfvenom` + **WiX (PowerShell)**
- β
**Multiple listeners**: Netcat, Socat, Python TCP
- β
**AV evasion**: shikata_ga_nai, Base64 obfuscation
- β
**Flexible delivery**: HTTP, HTTPS, SMB
- β
**Victim validation**: auto-check connectivity
- β
**Modular & extensible** architecture
- β
**Docker support**
- β
**Professional logging**
## π οΈ Requirements
- Kali Linux (recommended)
- Python 3.8+
- Docker (for WiX payloads)
## π Quick Start
```bash
git clone https://github.com/yourusername/MSI-Exploit-k4.git
cd MSI-Exploit-k4
chmod +x setup.sh
./setup.sh
./msi_exploit.py --ip 192.168.1.100