View kill_file_locker.ps1
Import-Module NtObjectManager | |
<# | |
Function to kill all processes which are using a locked file. | |
#> | |
function Kill-FileLocker { | |
param( | |
[Parameter(Mandatory)] | |
[string]$Path | |
) |
View bypass_uac.ps1
# Powershell script to bypass UAC on Vista+ assuming | |
# there exists one elevated process on the same desktop. | |
# Technical details in: | |
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html | |
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html | |
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-3.html | |
# You need to Install-Module NtObjectManager for this to run. | |
Import-Module NtObjectManager |
View ntfs_testcase.cpp
#include <stdio.h> | |
#include <tchar.h> | |
#include <Windows.h> | |
#include <string> | |
int _tmain(int argc, _TCHAR* argv[]) | |
{ | |
for (int i = 1; i < 128; ++i) | |
{ | |
std::wstring name = L".\a"; |
View cmdfile registration
Windows Registry Editor Version 5.00 | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\cmdfile\shell\open\command] | |
@="c:\\windows\\system32\\calc.exe" |
View Test for MS14-027
#include <stdio.h> | |
#include <tchar.h> | |
#include <Windows.h> | |
int wmain(int argc, WCHAR* argv[]) | |
{ | |
if (argc < 2) | |
{ | |
printf("Usage: ImpersonateSHExec filename [sessionid]\n"); | |
return 1; |