aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2016-01-25Merge pull request #108 from sagishahar/masterHarmJ0y2-55/+195
Add 'CanRestart' to output and Pester tests
2016-01-14Merge pull request #107 from secabstraction/devMatt Graeber2-206/+376
new Get-Keystrokes
2016-01-13Fixed Pester/PassThruJesse Davis1-0/+2
2016-01-13Fixed Pester/PassThruJesse Davis1-2/+0
2016-01-13Fixed Pester/PassThruJesse Davis1-1/+1
2016-01-13Fixed Pester/PassThruJesse Davis2-12/+12
2016-01-13Fixed Pester/PassThruJesse Davis2-7/+11
2016-01-13Merge pull request #110 from PowerShellMafia/masterMatt Graeber1-1/+2
Merging Invoke-TokenManipulation fix into dev
2016-01-13Merge pull request #109 from mmashwani/masterMatt Graeber1-1/+2
Don't search for SYSTEM token by using hard coded English name
2016-01-13Don't search for SYSTEM token by using hard coded English name for SYSTEM ↵mmashwani1-1/+2
account. Translate SYSTEM SID to NTAccount to maintain compatibility across languages.
2016-01-13Add 'CanRestart' to output and Pester testssagishahar2-55/+195
Pester tests to the function 'Test-ServiceDaclPermission' were added in order to increase confidence in its reliability. In general, my intention was to replace the current functionality of the service management functions such as Invoke-ServiceStart, to not use blindly 'sc.exe start' but rather consult with the DACL permissions and base the decision on that. Unforunately, further investigation lead me to the conclusion that retrieval of the service's DACL permissions requires that an additional DACL permission (RC) be set. This may lead to an edge case that could miss a potential privilege escalation condition and thereby the original idea was discarded. Nonetheless, 'Test-ServiceDaclPermission' can be used for less critical tasks. Therefore, a 'CanRestart' property was added to the output of the service enumeration functions such as 'Get-ServiceUnquoted' as I think that it will add value to redteamers/pentesters by helping them prioritise which service should be abused for escalation of privileges. Services that can be restarted by a low privileged user will probably be prioritised first. Additionally, manual checking whether the vulnerable service can be restarted would not be required in most cases.
2016-01-11Update Get-Keystrokes.ps1Jesse Davis1-4/+4
2016-01-09Update Exfiltration.tests.ps1Jesse Davis1-2/+2
2016-01-09new Get-KeystrokesJesse Davis2-207/+373
2015-12-29Merge pull request #105 from stufus/find_ad_managed_security_groupsMatt Graeber5-63/+138
Find AD Managed Security Groups
2015-12-29Added Find-ManagedSecurityGroups to readmeStuart Morgan1-0/+2
2015-12-29Sorted exports into alphabetical orderStuart Morgan1-13/+13
2015-12-29Sorted the recon.psd1 module import into alphabetical orderStuart Morgan1-51/+51
2015-12-29Added reference to function to powersploit.psd1 and recon.psd1Stuart Morgan2-0/+2
2015-12-28Added Find-ManagedSecurityGroupsStuart Morgan1-0/+71
2015-12-18Merge pull request #102 from PowerShellMafia/devv3.0.0PowerShellMafia43-1612/+16557
Merge 3.0 release changes
2015-12-18Set all module versions to 3.0Matt Graeber9-335/+19
Also cleaned up some module manifest cruft.
2015-12-18Improved root module manifest for PS GalleryMatt Graeber1-14/+116
2015-12-18Added manifest info for the PowerShell GalleryMatt Graeber1-0/+17
2015-12-18Updated .psproj to reflect additions/removalsMatt Graeber1-1/+9
2015-12-17Revert "Invoke-ReflectivePEInjection test harnesses updated"Matt Graeber1-2/+2
This reverts commit 98ebc1b0b8b64d069d34d80c128aa226b5e8416f.
2015-12-17Invoke-ReflectivePEInjection test harnesses updatedMatt Graeber1-2/+2
Affected test harness PEs were updated to work in XP. Addresses issue #100
2015-12-16Removed version numbers from scriptsMatt Graeber1-6/+0
A module should maintain a version number not the individual scripts.
2015-12-16Removed all version numbers from scriptsMatt Graeber11-77/+5
Scripts in a module should not be individually versioned. Only the module should be versioned.
2015-12-16Added volume shadow copy functions to README.mdPowerShellMafia1-1/+9
2015-12-16Update README.mdPowerShellMafia1-4/+11
2015-12-16Added a slight delay to Invoke-DllInjection validationMatt Graeber1-2/+4
In some cases, the loaded module would show up as loaded after the check occurred.
2015-12-16Invoke-DllInjection detects OS arch on all OSesMatt Graeber1-6/+4
This fix addresses issue #99. While I'm not the biggest fan of performing tests based on environment variables, I felt that making additional Win32 API calls would have been overkill.
2015-12-16Fixed Add-Persistence. Issue #98Matt Graeber1-1/+2
2015-12-16Fixed mangled decrypted script outputMatt Graeber1-2/+3
Addresses issue #80. This was a tricky fix because the script should ideally handle Unicode and Ascii encoded scripts. I haven't tested scripts with international characters but I would imagine those script would get mangled since the decrypted output is ultimately normalized to ascii.
2015-12-16Fixed Invoke-WmiCommand credential popup issueMatt Graeber1-1/+1
Easy fix to issue #97
2015-12-15Merge pull request #91 from FixTheExchange/patch-1PowerShellMafia1-4/+9
Update Invoke-TokenManipulation.ps1 to address Win 10 incompatibility
2015-12-15Invoke-WmiCommand is now PSv2 compatibleMatt Graeber1-6/+19
This bug fix addresses issue #96. As much as a hate dropping files to disk, this was the easiest way to preserve objects in PSv2+. If someone want to implement the [de]serialization themselves and keep everything in memory, please submit a PR.
2015-12-15Invoke-WmiCommand now obtains full powershell pathMatt Graeber1-2/+16
Addresses issue #95.
2015-12-14Invoke-DllInjection Pester test improvementMatt Graeber1-7/+7
The test dll I now use is advpack.dll since that is present in all versions of windows.
2015-12-14Invoke-Mimkatz: Incorporated latest 2.0 alpha buildMatt Graeber1-6/+9
Updated embedded powerkatz.dll to the latest version of mimikatz - [Commit 1b13057](https://github.com/gentilkiwi/mimikatz/commit/1b130574ed78d1d9bf6117b0839056900cb8f816) This update addresses issue #94.
2015-12-14Removed commented blocks.Harmj0y1-6/+6
2015-12-14Merge branch 'dev' of https://github.com/PowerShellMafia/PowerSploit into devHarmj0y3-47/+17
2015-12-14Removed C# enum for Test-ServiceDaclPermissionHarmj0y1-42/+42
2015-12-14Bugfix #93Matt Graeber3-39/+3
Removed the "EndAddress" parameter set since it was never used. This should resolve any parameter set confusion.
2015-12-14Bugfix #92: perform OS check when importing NtCreateThreadExMatt Graeber2-8/+14
2015-12-14Added admin rights check for existing Privesc Pester testsHarmj0y1-1/+45
2015-12-14Get-NetDomain now not called if -ComputerName or -ComputerFile are passed ↵Harmj0y2-228/+173
for meta functions, in order to prevent failure when running on a non-domain joined machine took out FQDN Pester tests from Recon.tests.ps1 that used $env:userdnsdomain
2015-12-14Modified Tests/Privesc.tests.ps1 to ensure file artifacts are not left on disk.Harmj0y1-62/+103
2015-12-14Modified Tests/Recon.tests.ps1 to ensure file artifacts are not left on disk.Harmj0y1-54/+68
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-30 09:49:57 +0000