PowerSploit - PowerSploit - A PowerShell Post-Exploitation Framework

Age	Commit message (Collapse)	Author	Files	Lines
2016-03-09	Fixed bug with Get-NetGroupMember and computer accounts.	Harmj0y	1	-33/+15
	samaccounttype enumeration now more accurate.
2016-03-09	fix for Find-GPOComputerAdmin	Harmj0y	1	-3/+15

2016-03-09	Bug fix for Invoke-EnumerateLocalAdmin	Harmj0y	1	-5/+4

2016-03-09	Removed Set-MacAttribute and Copy-ClonedFile	Harmj0y	2	-234/+117
	Combined Convert-NT4toCanonical and Convert-DomainSimpletoNT4 into Convert-ADName
2016-03-07	Added New-GPOImmediateTask	Harmj0y	1	-12/+220

2016-03-07	DomainOnly tweak	Harmj0y	1	-5/+4

2016-03-07	Added -DomainOnly flag to Invoke-EnumerateLocalAdmin	Harmj0y	1	-9/+23

2016-03-07	renamed output field for Get-NetLocalGroup API	Harmj0y	1	-1/+1

2016-03-07	Added NetLocalGroupGetMembers enumeration method for Get-NetLocalGroup with ↵	Harmj0y	1	-151/+302
	the -API flag Fixed threading specification in most threaded functions.
2016-03-06	Added additional fields to Get-NetLocalGroup results.	Harmj0y	1	-22/+63

2016-02-28	Modified output of Find-GPOLocation to return more object information.	Harmj0y	1	-26/+48

2016-02-28	-fixed several bugs in Find-GPOLocation (-GroupName now works properly and ↵	Harmj0y	1	-132/+147
	Sites returned) -Find-GPOLocation with no arguments now returns all mappings -fixed parsing issue in Get-NetGPOGroup- names now properly extracted from restricted group templates
2016-02-12	Added Pester tests for Get-SiteListPassword	Harmj0y	2	-2/+95
	Encrypted password check for Get-SiteListPassword fields
2016-02-12	Added additional search paths, code cleanup.	Harmj0y	1	-42/+14

2016-02-11	Added Get-SiteListPassword to decrypt McAfee SiteList.xml file passwords.	Harmj0y	2	-1/+203

2016-02-11	Most ldap-based search functions now accept a -Credential argument for ↵	Harmj0y	1	-1084/+1427
	querying from non-domain joined machines without a runas Changed several functions to filters, where appropriate. Get-NetShare, Get-NetSession, Get-NetLoggedOn, Get-NetRDPSession, Invoke-CheckLocalAdminAccess, Get-LastLoggedOn, Get-CachedRDPConnection, Get-NetProcess are now filters, better handle pipeline input, and now return an augmented result object with the queried ComputerName as a field Replaced RemoteUserName/RemotePassword with -Credential parameter in Get-CachedRDPConnection and Get-NetProcess modified output object for Get-NetShare to be a proper object Various bug fixes and better parameter validation
2016-01-25	Merge pull request #111 from sagishahar/dev	HarmJ0y	1	-3/+3
	Fix 'Install-ServiceBinary' for non-'Modifiable' files
2016-01-25	Merge pull request #108 from sagishahar/master	HarmJ0y	2	-55/+195
	Add 'CanRestart' to output and Pester tests
2016-01-17	Fix 'Install-ServiceBinary' for non-'Modifiable' files	sagishahar	1	-3/+3
	The 'Install-ServiceBinary' function fails on an edge case where the service's file permission does not include the 'Modify' permission but does include the 'Write' permission (https://technet.microsoft.com/en-au/library/dd349321(v=ws.10).aspx). In this scenario, renaming the original service file for backup purposes will result in 'Access Denied' message. Fixing this requires that the file be copied to service.exe.bak instead of renamed to service.exe.bak.
2016-01-14	Merge pull request #107 from secabstraction/dev	Matt Graeber	2	-206/+376
	new Get-Keystrokes
2016-01-13	Fixed Pester/PassThru	Jesse Davis	1	-0/+2

2016-01-13	Fixed Pester/PassThru	Jesse Davis	1	-2/+0

2016-01-13	Fixed Pester/PassThru	Jesse Davis	1	-1/+1

2016-01-13	Fixed Pester/PassThru	Jesse Davis	2	-12/+12

2016-01-13	Fixed Pester/PassThru	Jesse Davis	2	-7/+11

2016-01-13	Merge pull request #110 from PowerShellMafia/master	Matt Graeber	1	-1/+2
	Merging Invoke-TokenManipulation fix into dev
2016-01-13	Merge pull request #109 from mmashwani/master	Matt Graeber	1	-1/+2
	Don't search for SYSTEM token by using hard coded English name
2016-01-13	Don't search for SYSTEM token by using hard coded English name for SYSTEM ↵	mmashwani	1	-1/+2
	account. Translate SYSTEM SID to NTAccount to maintain compatibility across languages.
2016-01-13	Add 'CanRestart' to output and Pester tests	sagishahar	2	-55/+195
	Pester tests to the function 'Test-ServiceDaclPermission' were added in order to increase confidence in its reliability. In general, my intention was to replace the current functionality of the service management functions such as Invoke-ServiceStart, to not use blindly 'sc.exe start' but rather consult with the DACL permissions and base the decision on that. Unforunately, further investigation lead me to the conclusion that retrieval of the service's DACL permissions requires that an additional DACL permission (RC) be set. This may lead to an edge case that could miss a potential privilege escalation condition and thereby the original idea was discarded. Nonetheless, 'Test-ServiceDaclPermission' can be used for less critical tasks. Therefore, a 'CanRestart' property was added to the output of the service enumeration functions such as 'Get-ServiceUnquoted' as I think that it will add value to redteamers/pentesters by helping them prioritise which service should be abused for escalation of privileges. Services that can be restarted by a low privileged user will probably be prioritised first. Additionally, manual checking whether the vulnerable service can be restarted would not be required in most cases.
2016-01-11	Update Get-Keystrokes.ps1	Jesse Davis	1	-4/+4

2016-01-09	Update Exfiltration.tests.ps1	Jesse Davis	1	-2/+2

2016-01-09	new Get-Keystrokes	Jesse Davis	2	-207/+373

2015-12-29	Merge pull request #105 from stufus/find_ad_managed_security_groups	Matt Graeber	5	-63/+138
	Find AD Managed Security Groups
2015-12-29	Added Find-ManagedSecurityGroups to readme	Stuart Morgan	1	-0/+2

2015-12-29	Sorted exports into alphabetical order	Stuart Morgan	1	-13/+13

2015-12-29	Sorted the recon.psd1 module import into alphabetical order	Stuart Morgan	1	-51/+51

2015-12-29	Added reference to function to powersploit.psd1 and recon.psd1	Stuart Morgan	2	-0/+2

2015-12-28	Added Find-ManagedSecurityGroups	Stuart Morgan	1	-0/+71

2015-12-18	Merge pull request #102 from PowerShellMafia/devv3.0.0	PowerShellMafia	43	-1612/+16557
	Merge 3.0 release changes
2015-12-18	Set all module versions to 3.0	Matt Graeber	9	-335/+19
	Also cleaned up some module manifest cruft.
2015-12-18	Improved root module manifest for PS Gallery	Matt Graeber	1	-14/+116

2015-12-18	Added manifest info for the PowerShell Gallery	Matt Graeber	1	-0/+17

2015-12-18	Updated .psproj to reflect additions/removals	Matt Graeber	1	-1/+9

2015-12-17	Revert "Invoke-ReflectivePEInjection test harnesses updated"	Matt Graeber	1	-2/+2
	This reverts commit 98ebc1b0b8b64d069d34d80c128aa226b5e8416f.
2015-12-17	Invoke-ReflectivePEInjection test harnesses updated	Matt Graeber	1	-2/+2
	Affected test harness PEs were updated to work in XP. Addresses issue #100
2015-12-16	Removed version numbers from scripts	Matt Graeber	1	-6/+0
	A module should maintain a version number not the individual scripts.
2015-12-16	Removed all version numbers from scripts	Matt Graeber	11	-77/+5
	Scripts in a module should not be individually versioned. Only the module should be versioned.
2015-12-16	Added volume shadow copy functions to README.md	PowerShellMafia	1	-1/+9

2015-12-16	Update README.md	PowerShellMafia	1	-4/+11

2015-12-16	Added a slight delay to Invoke-DllInjection validation	Matt Graeber	1	-2/+4
	In some cases, the loaded module would show up as loaded after the check occurred.