SadProcessor

Block or report user

Report or block SadProcessor

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View TriggerAV.ps1
iex $(([Convert]::FromBase64String("FHJ+YHoTZ1ZARxNgUl5DX1YJEwRWBAFQAFBWHgsFAlEeBwAACh4LBAcDHgNSUAIHCwdQAgALBRQ=") | % { [char] ($_ -bxor 0x33) })-join'')
@SadProcessor
SadProcessor / Test-IntelMEStuff.ps1
Created May 2, 2017
Quick Cmdlet to check this Intel ME Stuff - Uses WMI - Can be run against multiple targets
View Test-IntelMEStuff.ps1
<#
.Synopsis
Check For Intel Stuff (via WMI)
.DESCRIPTION
Check if vulnerable to Intel Active Management Technology,
Intel Small Business Technology, and Intel Standard Manageability
Escalation of Privilege. [INTEL-SA-00075 - May 1st 2017]
Uses WMI. Can be run against multiple computers.
Returns a risk indication, check links in notes for more info and remediation options
.EXAMPLE
View OneLineCheese.txt
Function Invoke-CheeseOnToast{[CmdletBinding(DefaultParameterSetname='Dirty')][Alias('CheeseOnToast')]Param([ValidateSet('MS10015','MS10092','MS13053','MS13081','MS14058','MS15051','MS15078','MS16016','MS16032')][Parameter(Position=0,Mandatory=$false)][String[]]$Vuln,[Parameter(Mandatory=$false,ValueFromPipeline=$true)][Alias('Target','T')][String[]]$ComputerName=$env:COMPUTERNAME,[Parameter(Mandatory=$false,ParameterSetname='Dirty')][Alias('U')][String]$User=$env:USERNAME,[Parameter(Mandatory=$false,ParameterSetname='Dirty')][Alias('P')][String]$Pass,[Parameter(Mandatory=$true,ParameterSetname='Clean')][Alias('C')][Switch]$CredBox,[Parameter(Mandatory=$false)][Alias('All','A')][Switch]$ShowAll);Begin{$Result=@();$Creds=@{};if($PSCmdlet.ParameterSetName -eq 'Clean'){$Creds=Get-Credential -U $env:USERNAME -M 'Please Enter Creds'}else{if($Pass){$Creds['Credential']=New-Object System.Management.Automation.PSCredential -A $User,$(ConvertTo-SecureString $Pass -A -F)}};switch($Vuln){'MS10015'{$MS10015=$true};'MS10
@SadProcessor
SadProcessor / cheeseontoast.py
Last active Apr 6, 2017
Empire Module file for Invoke-CheeseOnToast
View cheeseontoast.py
from lib.common import helpers
class Module:
    def __init__(self, mainMenu, params=[]):
        self.info = {
            'Name': 'Invoke-CheeseOnToast',
            'Author': ['SadProcessor'],
            'Description': ('Priv Esc Vuln Finder'),
            'Background' : True,
            'OutputExtension' : None,
            'NeedsAdmin' : True,
@SadProcessor
SadProcessor / TimeStamp.ps1
Last active May 16, 2017
TimeStamp Object
View TimeStamp.ps1
Function Get-Stamp{$Props = @{'Box'=$env:COMPUTERNAME;'MAC'= (Get-NetAdapter -Physical)[0].macaddress;'Stamp'=(Get-Date).DateTime};$Obj = New-Object PSCustomObject -Prop $Props | select MAC,Stamp,Box;Return $Obj};Get-Stamp
View Walk.ps1
function Walk{
[Alias('To')]
Param(
[ValidateSet('About Windows dialog','Add Hardware Wizard','Adding a new Device','Advanced User Accounts','Advanced User Accounts msc','Backup and Restore','Bluetooth File Transfer','Calculator','Certificates','Change Computer Performance Settings','Change Data Execution Prevention','Change Data Execution Prevention Settings','Character Map','ClearType Tuner','Color Management','Command Prompt','Component Services','Component Services DCOM','Computer Management','Computer Management launcher','Connect to a Projector','Control Panel','Create A Shared Folder Wizard','Create a System Repair Disc','Data Execution Prevention','Date and Time','Default Location','Device Manager','Device Manager msc','Device Pairing Wizard','Diagnostics Troubleshooting Wizard','Digitizer Calibration Tool','DirectX Diagnostic Tool','Disk Cleanup','Disk Defragmenter','Disk Management','Display','Display Color Calibration','Display Switch','DPAPI Key Migration Wizard','Driver Verifier
@SadProcessor
SadProcessor / Encodedcalc.txt
Created Mar 11, 2017
Calc encoded > test with
@SadProcessor
SadProcessor / Get-Qwiki.ps1
Last active Sep 18, 2017
Quick Wikipedia Search Utility (MultiLang) - TIP: add to Posh Profile
View Get-Qwiki.ps1
<#
.Synopsis
Quick Wiki Search
.DESCRIPTION
Get Wikipedia Search. Summary in Console or Full pages Online.
.EXAMPLE
QWiki
.EXAMPLE
Qwiki -Search PowerShell
.EXAMPLE
@SadProcessor
SadProcessor / MultiDynParams.ps1
Last active Mar 20, 2017
Multiple Dynamic Param Template - Because Tab-Completion & Intellisense
View MultiDynParams.ps1
## TEMPLATE MULTIPLE DYNAMIC PARAMETER ##
<#
.Synopsis
Test Dynamic Params
.DESCRIPTION
Multiple Dynamic Param Template
Because Tab-Completion & Intellisense
.EXAMPLE
Try me...