mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-12-18 07:05:11 +01:00
Added SharpWebServer
This commit is contained in:
parent
b2b5629fe0
commit
b4aa1ec24e
3
.gitmodules
vendored
3
.gitmodules
vendored
@ -52,3 +52,6 @@
|
||||
[submodule "red-teaming/CobaltSplunk"]
|
||||
path = red-teaming/CobaltSplunk
|
||||
url = https://github.com/mgeeky/CobaltSplunk
|
||||
[submodule "red-teaming/SharpWebServer"]
|
||||
path = red-teaming/SharpWebServer
|
||||
url = https://github.com/mgeeky/SharpWebServer
|
||||
|
@ -340,6 +340,31 @@ $ ./markOwnedNodesInNeo4j.py kerberoasted.txt
|
||||
|
||||
- **`set-handler.rc`** - Quickly set metasploit's multi-handler + web_delivery (separated) handler for use with powershell. ([gist](https://gist.github.com/mgeeky/bf4d732aa6e602ca9b77d089fd3ea7c9))
|
||||
|
||||
- [**`SharpWebServer`**](https://github.com/mgeeky/SharpWebServer) - Red Team oriented C# Simple HTTP Server with Net-NTLMv1/2 hashes capture functionality
|
||||
|
||||
```
|
||||
C:\> SharpWebServer.exe port=8888 dir=C:\Windows\Temp verbose=true ntlm=true
|
||||
|
||||
:: SharpWebServer ::
|
||||
a Red Team oriented C# Simple HTTP Server with Net-NTLMv1/2 hashes capture functionality
|
||||
|
||||
[.] Serving HTTP server on port : 8888
|
||||
[.] Will run for this long : 60 seconds
|
||||
[.] Verbose mode turned on.
|
||||
[.] NTLM mode turned on.
|
||||
[.] Serving files from directory : C:\Windows\Temp
|
||||
|
||||
SharpWebServer [29.03.21, 17:55:14] NTLM: Sending 401 Unauthorized due to lack of Authorization header.
|
||||
SharpWebServer [29.03.21, 17:55:14] ::1 - "GET /test.txt" - len: 0 (401)
|
||||
SharpWebServer [29.03.21, 17:55:14] NTLM: Sending 401 Unauthorized with NTLM Challenge Response.
|
||||
SharpWebServer [29.03.21, 17:55:14] ::1 - "GET /test.txt" - len: 0 (401)
|
||||
|
||||
[+] SharpWebServer: Net-NTLM hash captured:
|
||||
TestUser:::1122334455667788:66303EE2DF9417E2FE07E1B7FD663205:010100000000000092EC04E8B324D701C2B561D5FECBB325000000000200060053004D0042000100160053004D0042002D0054004F004F004C004B00490054000400120073006D0062002E006C006F00630061006C000300280073006500720076006500720032003000300033002E0073006D0062002E006C006F00630061006C000500120073006D0062002E006C006F00630061006C00080030003000000000000000010000000020000045E18A336DA58F5F0F826F846C699F77DCCF02BA5135525AC52EFBB0C0A1F1160A0010000000000000000000000000000000000009001C0048005400540050002F006C006F00630061006C0068006F00730074000000000000000000
|
||||
|
||||
SharpWebServer [29.03.21, 17:55:14] ::1 - "GET /test.txt" - len: 11 (200)
|
||||
```
|
||||
|
||||
- [**`SharpWMI`**](https://github.com/mgeeky/SharpWMI) - This implementation is a refurbished and enhanced version of original SharpWMI by @harmj0y that adds some more flexibility for working with malicious VBS scripts, AMSI evasion, file upload purely via WMI and makes it possible to return output from WMI remotely executed commands. Initially submitted as a [Pull Request #3](https://github.com/GhostPack/SharpWMI/pull/3) to the original repo of that project, however unless it's merged there - will pin my fork here for accountability
|
||||
|
||||
- **`Stracciatella`** - Powershell runspace from within C# (aka `SharpPick` technique) with AMSI and Script Block Logging disabled for your pleasure.
|
||||
|
1
red-teaming/SharpWebServer
Submodule
1
red-teaming/SharpWebServer
Submodule
@ -0,0 +1 @@
|
||||
Subproject commit 8346f4bc38d53467498ec47f123b98258cb297e0
|
Loading…
Reference in New Issue
Block a user