- Install 12.0 (or later)
- Install drm-next-kmod from ports - do not install xf86-video-intel
- Recognized by default, need to enable iwm in rc.conf
/* Author: TheWover
Description: Injects embedded base64-encoded shellcode into an arbitrary hardcoded process using native Win32 API calls.
Last Modified: 11/1/2018
*/
using System; | |
using System.Diagnostics; | |
using System.Runtime.InteropServices; | |
namespace ShellcodeTest |
package main | |
import ( | |
"fmt" | |
"log" | |
"syscall" | |
"unsafe" | |
) | |
// getInfo retrieves a specified type of information about an access token. |
package main | |
import ( | |
"fmt" | |
"log" | |
"os/exec" | |
"syscall" | |
"time" | |
"unsafe" | |
) |
// | |
// Ref = src | |
// https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf | |
// | |
// Credits: | |
// Vyacheslav Rusakov @swwwolf | |
// Tom Bonner @thomas_bonner | |
// | |
#include <Windows.h> |
package main | |
import ( | |
"io/ioutil" | |
"log" | |
"net/http" | |
"os" | |
"runtime" | |
"syscall" | |
"unsafe" |
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
package main | |
import ( | |
"fmt" | |
"io/ioutil" | |
"log" | |
"net/http" | |
"os" | |
) |
' POC to spawn process with PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON mitigation enabled | |
' by @_xpn_ | |
' | |
' Thanks to https://github.com/itm4n/VBA-RunPE and https://github.com/christophetd/spoofing-office-macro | |
Const EXTENDED_STARTUPINFO_PRESENT = &H80000 | |
Const HEAP_ZERO_MEMORY = &H8& | |
Const SW_HIDE = &H0& | |
Const MAX_PATH = 260 | |
Const PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = &H20007 |
{ | |
// Use IntelliSense to learn about possible attributes. | |
// Hover to view descriptions of existing attributes. | |
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 | |
"version": "0.2.0", | |
"configurations": [ | |
{ | |
"name": "Debug Server", | |
"type": "go", | |
"request": "attach", |