Mariusz Banach mgeeky

## WMI_persistence_template.ps1
# Step #1 - Prep payload
$Hive = 'HKLM'
$PayloadKey = 'SOFTWARE\PayloadKey'
$PayloadValue = 'PayloadValue'
$TimerName = 'PayloadTrigger'
$EventFilterName = 'TimerTrigger'
$EventConsumerName = 'ExecuteEvilPowerShell'

switch ($Hive) {
    'HKLM' { $HiveVal = [UInt32] 2147483650 }

## dummy-web-server.py
#!/usr/bin/env python
"""
Very simple HTTP server in python.

Usage::
    ./dummy-web-server.py [<port>]

Send a GET request::
    curl http://localhost

## web-server.rb
#!/usr/bin/env ruby

require "webrick"

=begin
    WEBrick is a Ruby library that makes it easy to build an HTTP server with Ruby.
    It comes with most installations of Ruby by default (it’s part of the standard library),
    so you can usually create a basic web/HTTP server with only several lines of code.

    The following code creates a generic WEBrick server on the local machine on port 1234,

## eternalblue_merge_shellcode.py
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
import sys
from struct import pack

if len(sys.argv) < 4:
	print('Usage: {} sc_x86 sc_x64 sc_out'.format(sys.argv[0]))
	sys.exit()

sc_x86 = open(sys.argv[1], 'rb').read()
sc_x64 = open(sys.argv[2], 'rb').read()

## pe-aware-split.py
#!/usr/bin/env python
# DiabloHorn https://diablohorn.com
# blank out bytes taking into account the PE file format
# input file: base64 malware.exe | rev > enc.txt
import sys
import os
#pip install pefile
import pefile
import argparse
import logging

## PowerView-2.0-tricks.ps1
# NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/)
#   has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993

# get all the groups a user is effectively a member of, 'recursing up'
Get-NetGroup -UserName <USER>

# get all the effective members of a group, 'recursing down'
Get-NetGroupMember -GoupName <GROUP> -Recurse

# get the effective set of users who can administer a server

## all.txt

.
..
........
@
*
*.*
*.*.*
ðŸŽ

## PowerView-3.0-tricks.ps1
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
#   tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c

# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
#   https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1

# New function naming schema:
#   Verbs:
#       Get : retrieve full raw data sets
#       Find : ‘find’ specific data entries in a data set

## Rulz.py
#!/usr/bin/env python3
# Rulz.py
# Author: Nick Landers (@monoxgas) - Silent Break Security

import os
import sys
import argparse
import re
import binascii
import codecs

## ajnasz-blue.ini
[skin]
    description=Ajnasz Blue Theme. Midnight Commander skin from Ajnasz.

[Lines]
    horiz=─
    vert=│
    lefttop=┌
    righttop=┐
    leftbottom=└
    rightbottom=┘
	# Step #1 - Prep payload
	$Hive = 'HKLM'
	$PayloadKey = 'SOFTWARE\PayloadKey'
	$PayloadValue = 'PayloadValue'
	$TimerName = 'PayloadTrigger'
	$EventFilterName = 'TimerTrigger'
	$EventConsumerName = 'ExecuteEvilPowerShell'

	switch ($Hive) {
	'HKLM' { $HiveVal = [UInt32] 2147483650 }
	#!/usr/bin/env python
	"""
	Very simple HTTP server in python.

	Usage::
	./dummy-web-server.py [<port>]

	Send a GET request::
	curl http://localhost
	#!/usr/bin/env ruby

	require "webrick"

	=begin
	WEBrick is a Ruby library that makes it easy to build an HTTP server with Ruby.
	It comes with most installations of Ruby by default (it’s part of the standard library),
	so you can usually create a basic web/HTTP server with only several lines of code.

	The following code creates a generic WEBrick server on the local machine on port 1234,
	# This file has no update anymore. Please see https://github.com/worawit/MS17-010
	import sys
	from struct import pack

	if len(sys.argv) < 4:
	print('Usage: {} sc_x86 sc_x64 sc_out'.format(sys.argv[0]))
	sys.exit()

	sc_x86 = open(sys.argv[1], 'rb').read()
	sc_x64 = open(sys.argv[2], 'rb').read()
	#!/usr/bin/env python
	# DiabloHorn https://diablohorn.com
	# blank out bytes taking into account the PE file format
	# input file: base64 malware.exe \| rev > enc.txt
	import sys
	import os
	#pip install pefile
	import pefile
	import argparse
	import logging
	# NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/)
	# has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993

	# get all the groups a user is effectively a member of, 'recursing up'
	Get-NetGroup -UserName <USER>

	# get all the effective members of a group, 'recursing down'
	Get-NetGroupMember -GoupName <GROUP> -Recurse

	# get the effective set of users who can administer a server
	# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
	# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c

	# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
	# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1

	# New function naming schema:
	# Verbs:
	# Get : retrieve full raw data sets
	# Find : ‘find’ specific data entries in a data set
	#!/usr/bin/env python3
	# Rulz.py
	# Author: Nick Landers (@monoxgas) - Silent Break Security

	import os
	import sys
	import argparse
	import re
	import binascii
	import codecs
	[skin]
	description=Ajnasz Blue Theme. Midnight Commander skin from Ajnasz.

	[Lines]
	horiz=─
	vert=│
	lefttop=┌
	righttop=┐
	leftbottom=└
	rightbottom=┘