Created
June 3, 2015 15:24
-
-
Save ChrisTruncer/c552d47c22bf7aef6876 to your computer and use it in GitHub Desktop.
Powershell v2 egress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-EgressAssess { | |
| <# | |
| .Synopsis | |
| Egress-assess powershell client. | |
| .Description | |
| This script will connect to an Egress-assess server and transfer faux Personally Identifiable Information. | |
| Due to processing overhead in Powershell, numbers are created in batches of 5,000. | |
| Reference: http://powershell.org/wp/2013/09/16/powershell-performance-the-operator-and-when-to-avoid-it/r | |
| .Parameter IP | |
| The string containing the IP or hostname of the egress assess server | |
| .Parameter Proxy | |
| This switch is used when you need to exfiltrate data using the system proxy | |
| .Parameter Iterations | |
| How many blocks of X numbers to generate | |
| Script created by @rvrsh3ll @christruncer @harmj0y @sixdub | |
| https://www.rvrsh3ll.net | |
| https://www.christophertruncer.com/ | |
| http://blog.harmj0y.net/ | |
| http://sixdub.net/ | |
| #> | |
| [CmdletBinding()] | |
| Param ( | |
| [Parameter(Mandatory=$True)] | |
| [string]$IP, | |
| [switch]$Proxy, | |
| [int]$Iterations=1, | |
| [int]$BatchMB=100 | |
| ) | |
| begin { | |
| function Generate-SSN { | |
| #determine the number of SSN based on 11 bytes per SSN | |
| $num = [math]::Round(($BatchMB*1MB)/11) | |
| Write-Verbose "Generating $BatchMB MB of Social Security Numbers ($num)..." | |
| $list = New-Object System.Collections.Generic.List[System.String] | |
| $percentcount=0 | |
| $quart=[math]::Round($num/4) | |
| for ($i=0; $i -lt $num; $i++){ | |
| if($i%$quart -eq 0) | |
| { | |
| $percent=$percentcount*25 | |
| Write-Verbose "$percent Done! $i SSNs Generated" | |
| $percentcount+=1 | |
| } | |
| $r = "$(Get-Random -minimum 100 -maximum 999)-$(Get-Random -minimum 10 -maximum 99)-$(Get-Random -minimum 1000 -maximum 9999)" | |
| $list.Add($r) | |
| } | |
| return $list.ToArray() | |
| } | |
| function Use-HTTP { | |
| $totalupload=0 | |
| $Numbers = Generate-SSN | |
| $Url = "http://" + $IP + "/post_data.php" | |
| $uri = New-Object -TypeName System.Uri -ArgumentList $Url | |
| $wc = New-Object -TypeName System.Net.WebClient | |
| if ($proxy) { | |
| $proxy = [System.Net.WebRequest]::GetSystemWebProxy() | |
| $proxy.Credentials = [System.Net.CredentialCache]::DefaultCredentials | |
| $wc.proxy = $proxy | |
| } | |
| $sizedata = [math]::Round((($Numbers.length)*11/1MB),2) | |
| Write-Verbose "Uploading data of size $sizedata MB..." | |
| 1..$iterations | foreach-object { | |
| $wc.UploadString($uri, $Numbers) | |
| Write-Verbose "Batch $_ Complete" | |
| $totalupload+=$sizedata | |
| } | |
| Write-Verbose "Transaction Complete. $totalupload MB attempted to upload" | |
| [System.GC]::Collect() | |
| } | |
| } | |
| process { | |
| Use-HTTP | |
| } | |
| end { | |
| [System.GC]::Collect() | |
| Write-Verbose "Exiting.." | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment