@jborean93
jborean93 / rdp-execute.py
Created March 6, 2024 06:54
POC for running processes over RDP - Very WIP
# Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
"""POC for running exe's over RDP
This is a very rough attempt at trying to run an exe using a headless RDP
connection. It aims to be able to provide an interactive console session as
well as a headless one.
Requires aardwolf - https://github.com/skelsec/aardwolf as a Python dependency.
@jborean93
jborean93 / ansible-kinit.py
Created February 23, 2024 00:55
POC for Ansible callback that calls kinit
# Copyright (c) 2024 Jordan Borean
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import annotations
DOCUMENTATION = """
name: kinit
type: aggregate
short_description: POC to run kinit on a playbook run.
description:
@jborean93
jborean93 / Get-ServiceDacl.ps1
Last active February 14, 2024 01:51
Get the Service SecurityDescriptor in a human friendly format
# Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
Function Get-ServiceDacl {
<#
.SYNOPSIS
Gets the service DACL entries.
.DESCRIPTION
Gets all the DACL entries for the service(s) specified.
# Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
Function Get-PowerShellAssemblyMetadata {
<#
.SYNOPSIS
Gets the cmdlets and aliases in a dotnet assembly.
.PARAMETER Path
The assembly to inspect.
@jborean93
jborean93 / Test-Tls.ps1
Last active February 28, 2024 09:56
Tests the TLS connection by doing a client hello with the hostname specified
# Copyright: (c) 2024, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
Function Test-Tls {
[CmdletBinding()]
param (
[Parameter(Mandatory)]
[string]
$HostName,
@jborean93
jborean93 / tls_web_server.py
Last active February 22, 2024 20:16
A test HTTP server with TLS enabled to test out some TLS behaviour for web based commands
#!/usr/bin/env python
"""Test TLS Enabled Web Server
A script that can start a temporary TLS enabled web server. This server
supports a basic GET request and will return metadata on the request from the
client. By default it will create an ephemeral certificate when starting up but
a custom certificate can be provided. Also supports client authentication by
providing a CA bundle to use for verification or using --tls-client-auth to
generate a new set of keys.
@jborean93
jborean93 / winrm_with_gssapi.py
Created November 28, 2023 00:34
Test WinRM with GSSAPI authentication in Python
from __future__ import annotations
import base64
import gssapi
import io
import re
import requests
import struct
import sys
import typing as t
@jborean93
jborean93 / NoGui.ps1
Last active October 31, 2023 00:39
Generates an exe called NoGui.exe that can spawn a hidden window
<#
NOTE: Must be run in Windows PowerShell (5.1), PowerShell (7+) cannot create standalone exes.
This is designed to create a simple exe that can be used to spawn any console
application with a hidden Window. As NoGui.exe is a GUI executable it won't
spawn with an associated console window and can be used to then create a new
process with a hidden console window with the arguments it was created with.
The arguments after -- will be used as the new process, for example
C:\path\NoGui.exe -- pwsh.exe
@jborean93
jborean93 / New-S4UAccessToken.ps1
Last active February 8, 2024 05:50
Generates a Win32 Access Token using S4U (no password required)
# Copyright: (c) 2023, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
#Requires -Module Ctypes
Function New-S4UAccessToken {
<#
.SYNOPSIS
Generates an S4U access token.
@jborean93
jborean93 / New-Uuid5.ps1
Created September 11, 2023 03:28
Generate UUIDv5 values in PowerShell
# Copyright: (c) 2023, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
class EncodingTransformAttribute : System.Management.Automation.ArgumentTransformationAttribute {
[object] Transform([System.Management.Automation.EngineIntrinsics]$engineIntrinsics, [object]$InputData) {
$result = switch ($InputData) {
{ $_ -is [System.Text.Encoding] } { $_ }
{ $_ -is [string] } {
switch ($_) {