Liam Glanfield OneLogicalMyth

## New-cPassword.ps1
# @OneLogicalMyth
function New-cPassword($unencryptedString) {
    # encrypt string to known AES key used by cPassword
    $AesObject = New-Object System.Security.Cryptography.AesCryptoServiceProvider
    $AesObject.Mode = [System.Security.Cryptography.CipherMode]::CBC
    $AesObject.IV = New-Object Byte[]($AesObject.IV.Length)
    $AesObject.KeySize = 256
    $AesObject.Key = @(0x4e,0x99,0x06,0xe8,0xfc,0xb6,0x6c,0xc9,0xfa,0xf4,0x93,0x10,0x62,0x0f,0xfe,0xe8,
                                 0xf4,0x96,0xe8,0x06,0xcc,0x05,0x79,0x90,0x20,0x9b,0x09,0xa4,0x33,0xb6,0x6c,0x1b)
    $encryptor = $AesObject.CreateEncryptor()

## PrivEsc_PoC.ps1
param($TargetFile,$TaskFolder='Exploit')

function Native-HardLink {
<#
.SYNOPSIS
    This is a proof-of-concept for NT hard links. There are some advantages, from an offensive
    perspective, to using NtSetInformationFile to create hard links (as opposed to
    mklink/CreateHardLink). NtSetInformationFile allows us link to files we don’t have write
    access to. In the script I am performing some steps which are not strictly speaking
    necessary, like using GetFullPathName for path resolution, I have done this mostly to

## Defcon-26_Speakers.ps1

Add-Type -AssemblyName System.Web

function grabdate {
param($day,$time)

    switch($day){
            'Thursday' { Get-Date -Date "09/08/2018 $time" }
            'Friday' { Get-Date -Date "10/08/2018 $time" }
            'Saturday' { Get-Date -Date "11/08/2018 $time" }

## keybase.md

      
        
          
            
              
              1 file
            
          
          
            
              
              0 forks
            
          
          
            
              
              0 comments
            
          
          
            
              
              0 stars
            
          
        
        
          
              
          
          
            
                OneLogicalMyth
                / keybase.md
            
            
              Created
              October 27, 2016 23:19
            
          
        
      
        
  
      
    Keybase proof

I hereby claim:

I am OneLogicalMyth on github.
I am onelogicalmyth (https://keybase.io/onelogicalmyth) on keybase.
I have a public key whose fingerprint is 9CC8 A934 86C0 2993 4A96  AA1B 1E27 FB03 0D61 65ED

To claim this, I am signing this object:
	# @OneLogicalMyth
	function New-cPassword($unencryptedString) {
	# encrypt string to known AES key used by cPassword
	$AesObject = New-Object System.Security.Cryptography.AesCryptoServiceProvider
	$AesObject.Mode = [System.Security.Cryptography.CipherMode]::CBC
	$AesObject.IV = New-Object Byte[]($AesObject.IV.Length)
	$AesObject.KeySize = 256
	$AesObject.Key = @(0x4e,0x99,0x06,0xe8,0xfc,0xb6,0x6c,0xc9,0xfa,0xf4,0x93,0x10,0x62,0x0f,0xfe,0xe8,
	0xf4,0x96,0xe8,0x06,0xcc,0x05,0x79,0x90,0x20,0x9b,0x09,0xa4,0x33,0xb6,0x6c,0x1b)
	$encryptor = $AesObject.CreateEncryptor()
	param($TargetFile,$TaskFolder='Exploit')

	function Native-HardLink {
	<#
	.SYNOPSIS
	This is a proof-of-concept for NT hard links. There are some advantages, from an offensive
	perspective, to using NtSetInformationFile to create hard links (as opposed to
	mklink/CreateHardLink). NtSetInformationFile allows us link to files we don’t have write
	access to. In the script I am performing some steps which are not strictly speaking
	necessary, like using GetFullPathName for path resolution, I have done this mostly to

	Add-Type -AssemblyName System.Web

	function grabdate {
	param($day,$time)

	switch($day){
	'Thursday' { Get-Date -Date "09/08/2018 $time" }
	'Friday' { Get-Date -Date "10/08/2018 $time" }
	'Saturday' { Get-Date -Date "11/08/2018 $time" }