tyranid
/ kill_file_locker.ps1
Created Sep 26, 2017
View kill_file_locker.ps1
| Import-Module NtObjectManager | |
| <# | |
| Function to kill all processes which are using a locked file. | |
| #> | |
| function Kill-FileLocker { | |
| param( | |
| [Parameter(Mandatory)] | |
| [string]$Path | |
| ) |
tyranid
/ bypass_uac.ps1
Last active Feb 9, 2020
View bypass_uac.ps1
| # Powershell script to bypass UAC on Vista+ assuming | |
| # there exists one elevated process on the same desktop. | |
| # Technical details in: | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-3.html | |
| # You need to Install-Module NtObjectManager for this to run. | |
| Import-Module NtObjectManager |
View ntfs_testcase.cpp
| #include <stdio.h> | |
| #include <tchar.h> | |
| #include <Windows.h> | |
| #include <string> | |
| int _tmain(int argc, _TCHAR* argv[]) | |
| { | |
| for (int i = 1; i < 128; ++i) | |
| { | |
| std::wstring name = L".\a"; |
View cmdfile registration
| Windows Registry Editor Version 5.00 | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\cmdfile\shell\open\command] | |
| @="c:\\windows\\system32\\calc.exe" |
tyranid
/ Test for MS14-027
Created May 22, 2014
View Test for MS14-027
| #include <stdio.h> | |
| #include <tchar.h> | |
| #include <Windows.h> | |
| int wmain(int argc, WCHAR* argv[]) | |
| { | |
| if (argc < 2) | |
| { | |
| printf("Usage: ImpersonateSHExec filename [sessionid]\n"); | |
| return 1; |