JD SadProcessor
SadProcessor
/ Invoke-AsTrustedInstallerJob.ps1
Created
April 19, 2023 20:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-AsTrustedInstallerJob{ | |
| [Alias('TIJob')] | |
| Param( | |
| [Parameter()][Scriptblock]$Scriptblock, | |
| [Parameter()][String]$UserID=$("$Env:ComputerName\$Env:UserName"), | |
| [Parameter()][String]$TaskName='TIJob' | |
| ) | |
| # IsAdmin?? | |
| $IsAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator) | |
| if(-Not$IsAdmin){Write-Warning "Must be admin";Return} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| iex $(([Convert]::FromBase64String("FHJ+YHoTZ1ZARxNgUl5DX1YJEwRWBAFQAFBWHgsFAlEeBwAACh4LBAcDHgNSUAIHCwdQAgALBRQ=") | % { [char] ($_ -bxor 0x33) })-join'') |
SadProcessor
/ Test-IntelMEStuff.ps1
Created
May 2, 2017 23:34
Quick Cmdlet to check this Intel ME Stuff - Uses WMI - Can be run against multiple targets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| Check For Intel Stuff (via WMI) | |
| .DESCRIPTION | |
| Check if vulnerable to Intel Active Management Technology, | |
| Intel Small Business Technology, and Intel Standard Manageability | |
| Escalation of Privilege. [INTEL-SA-00075 - May 1st 2017] | |
| Uses WMI. Can be run against multiple computers. | |
| Returns a risk indication, check links in notes for more info and remediation options | |
| .EXAMPLE |
SadProcessor
/ OneLineCheese.txt
Created
April 7, 2017 12:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Invoke-CheeseOnToast{[CmdletBinding(DefaultParameterSetname='Dirty')][Alias('CheeseOnToast')]Param([ValidateSet('MS10015','MS10092','MS13053','MS13081','MS14058','MS15051','MS15078','MS16016','MS16032')][Parameter(Position=0,Mandatory=$false)][String[]]$Vuln,[Parameter(Mandatory=$false,ValueFromPipeline=$true)][Alias('Target','T')][String[]]$ComputerName=$env:COMPUTERNAME,[Parameter(Mandatory=$false,ParameterSetname='Dirty')][Alias('U')][String]$User=$env:USERNAME,[Parameter(Mandatory=$false,ParameterSetname='Dirty')][Alias('P')][String]$Pass,[Parameter(Mandatory=$true,ParameterSetname='Clean')][Alias('C')][Switch]$CredBox,[Parameter(Mandatory=$false)][Alias('All','A')][Switch]$ShowAll);Begin{$Result=@();$Creds=@{};if($PSCmdlet.ParameterSetName -eq 'Clean'){$Creds=Get-Credential -U $env:USERNAME -M 'Please Enter Creds'}else{if($Pass){$Creds['Credential']=New-Object System.Management.Automation.PSCredential -A $User,$(ConvertTo-SecureString $Pass -A -F)}};switch($Vuln){'MS10015'{$MS10015=$true};'MS10 |
SadProcessor
/ cheeseontoast.py
Last active
April 6, 2017 18:22
Empire Module file for Invoke-CheeseOnToast
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from lib.common import helpers | |
| class Module: | |
| def __init__(self, mainMenu, params=[]): | |
| self.info = { | |
| 'Name': 'Invoke-CheeseOnToast', | |
| 'Author': ['SadProcessor'], | |
| 'Description': ('Priv Esc Vuln Finder'), | |
| 'Background' : True, | |
| 'OutputExtension' : None, | |
| 'NeedsAdmin' : True, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Get-Stamp{$Props = @{'Box'=$env:COMPUTERNAME;'MAC'= (Get-NetAdapter -Physical)[0].macaddress;'Stamp'=(Get-Date).DateTime};$Obj = New-Object PSCustomObject -Prop $Props | select MAC,Stamp,Box;Return $Obj};Get-Stamp |
SadProcessor
/ Walk.ps1
Created
March 22, 2017 23:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Walk{ | |
| [Alias('To')] | |
| Param( | |
| [ValidateSet('About Windows dialog','Add Hardware Wizard','Adding a new Device','Advanced User Accounts','Advanced User Accounts msc','Backup and Restore','Bluetooth File Transfer','Calculator','Certificates','Change Computer Performance Settings','Change Data Execution Prevention','Change Data Execution Prevention Settings','Character Map','ClearType Tuner','Color Management','Command Prompt','Component Services','Component Services DCOM','Computer Management','Computer Management launcher','Connect to a Projector','Control Panel','Create A Shared Folder Wizard','Create a System Repair Disc','Data Execution Prevention','Date and Time','Default Location','Device Manager','Device Manager msc','Device Pairing Wizard','Diagnostics Troubleshooting Wizard','Digitizer Calibration Tool','DirectX Diagnostic Tool','Disk Cleanup','Disk Defragmenter','Disk Management','Display','Display Color Calibration','Display Switch','DPAPI Key Migration Wizard','Driver Verifier |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| YwBhAGwAYwA= |
SadProcessor
/ Get-Qwiki.ps1
Last active
September 18, 2017 16:17
Quick Wikipedia Search Utility (MultiLang) - TIP: add to Posh Profile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| Quick Wiki Search | |
| .DESCRIPTION | |
| Get Wikipedia Search. Summary in Console or Full pages Online. | |
| .EXAMPLE | |
| QWiki | |
| .EXAMPLE | |
| Qwiki -Search PowerShell | |
| .EXAMPLE |
SadProcessor
/ MultiDynParams.ps1
Last active
March 20, 2017 19:19
Multiple Dynamic Param Template - Because Tab-Completion & Intellisense
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## TEMPLATE MULTIPLE DYNAMIC PARAMETER ## | |
| <# | |
| .Synopsis | |
| Test Dynamic Params | |
| .DESCRIPTION | |
| Multiple Dynamic Param Template | |
| Because Tab-Completion & Intellisense | |
| .EXAMPLE | |
| Try me... |
NewerOlder