aboutsummaryrefslogtreecommitdiff
path: root/CodeExecution
AgeCommit message (Collapse)AuthorFilesLines
2016-05-29Fixed FreeLibrary function signature #146Matt Graeber1-1/+1
The parameter type and return types were accidentally transposed. Thanks @rojaster for pointing this out.
2015-12-18Set all module versions to 3.0Matt Graeber1-56/+1
Also cleaned up some module manifest cruft.
2015-12-16Removed all version numbers from scriptsMatt Graeber2-6/+1
Scripts in a module should not be individually versioned. Only the module should be versioned.
2015-12-16Added a slight delay to Invoke-DllInjection validationMatt Graeber1-2/+4
In some cases, the loaded module would show up as loaded after the check occurred.
2015-12-16Invoke-DllInjection detects OS arch on all OSesMatt Graeber1-6/+4
This fix addresses issue #99. While I'm not the biggest fan of performing tests based on environment variables, I felt that making additional Win32 API calls would have been overkill.
2015-12-16Fixed Invoke-WmiCommand credential popup issueMatt Graeber1-1/+1
Easy fix to issue #97
2015-12-15Invoke-WmiCommand is now PSv2 compatibleMatt Graeber1-6/+19
This bug fix addresses issue #96. As much as a hate dropping files to disk, this was the easiest way to preserve objects in PSv2+. If someone want to implement the [de]serialization themselves and keep everything in memory, please submit a PR.
2015-12-15Invoke-WmiCommand now obtains full powershell pathMatt Graeber1-2/+16
Addresses issue #95.
2015-12-14Bugfix #93Matt Graeber1-13/+1
Removed the "EndAddress" parameter set since it was never used. This should resolve any parameter set confusion.
2015-12-14Bugfix #92: perform OS check when importing NtCreateThreadExMatt Graeber1-4/+7
2015-12-14Fix Invoke-Shellcode OS architecture detectionMatt Graeber1-10/+23
Fixes issue #70
2015-11-07Adding -DoNotZeroMZ for testingMatt Graeber1-5/+14
2015-11-07Removed extraneous parametersMatt Graeber1-58/+13
Removed extraneous parameters Removed the following extraneous parameters: -PEPath -PEUrl The functionality they provided can be easily replicated in code outside of Invoke-ReflectivePEInjection. i.e. it should be up to the user how they might want to download a PE before loading it. That should not be dictated by Invoke-ReflectivePEInjection.
2015-11-07Revert "Removed extraneous parameters"Matt Graeber1-18/+89
This reverts commit 0eb520e31f97bc0ca83bd2c1546a18dd97e09d79.
2015-11-07Removed extraneous parametersMatt Graeber1-89/+18
Removed the following extraneous parameters: -PEPath -PEUrl -ComputerName The functionality they provided can be easily replicated in code outside of Invoke-ReflectivePEInjection. i.e. it should be up to the user how they might want to download a PE before loading it. That should not be dictated by Invoke-ReflectivePEInjection.
2015-11-06Fixed a casting bugMatt Graeber1-2/+2
2015-11-05Removing Invoke-ShellcodeMSILMatt Graeber2-268/+1
This was only ever intended to be a PoC. I'll bring this back if requested but it exhibits duplicate functionality.
2015-11-05Re-import Invoke-Shellcode.ps1Matt Graeber1-1/+1
2015-11-05Removing Metasploit integration from Invoke-ShellcodeMatt Graeber1-267/+4
This should have only ever been a shellcode runner. Those wishing to integrate this with Metasploit should generate a shellcode payload with msfvenom.
2015-11-04Migrating everything back to Invoke-Shellcode.ps1. I'm done making my point ↵Matt Graeber3-773/+719
now. :P
2015-09-23Adding Invoke-WmiCommandMatt Graeber2-1/+335
2015-04-26URI fix, Proxy Support, UA Update Chris Campbell1-8/+58
This fixes the URI bug submitted by @enigma0x3. Thank you for the PR as well! A legacy switch is added in case anyone is relying on this script and an older meterpreter handler. Proxy support is added to grab the default proxy by way of a switch. The default user-agent is grabbed from the registry instead of being a static string. I tested this on a Windows 7 SP1 (both x86 and 64-bit) and Windows 8.1 (64-bit) with an older handler and an updated one.
2015-02-03Added parameters back to the original Invoke-Shellcodemattifestation1-1/+47
2015-02-03Moved Invoke-Shellcodemattifestation4-715/+723
These things happen
2015-01-26Adding PEBytes parameterclymb3r1-5/+17
Added PEBytes parameter for reflectively loading a PE file passed as a byte array to the script.
2015-01-07Bugfix: Resolving ordinals in remote dll injectionclymb3r1-2/+2
Thanks to sixdub for finding and fixing a bug when resolving functions by ordinal in remote processes.
2014-07-12Merge pull request #52 from clymb3r/masterMatt Graeber1-63/+157
Bug fixes to Invoke-ReflectivePEInjection
2014-07-10Bug fixes to Invoke-ReflectivePEInjectionclymb3r1-63/+157
Fixed a bug where calling GetProcAddress by ordinal instead of procedure name failed. Fixed a bug where reflectively loading an EXE will cause the entry function (main()) to be called twice instead of once as expected. Added a ForceASLR flag to force ASLR to be used even if the PE file doesn't officially support ASLR. Some minor other changes.
2014-06-21Invoke-DllInjection now calls RtlCreateUserThreadmattifestation1-24/+26
Calling CreateRemoteThread on lsass. Bug fix: Invoke-DllInjection was checking the processor architecture when it should have been validating the OS architecture. This would cause Invoke-DllInjection to fail on a 32-bit OS with a 64-bit processor.
2014-06-19Removing Watch-BlueScreenmattifestation2-79/+1
This vulnerability was patched a while ago making this function largely irrelevant.
2013-11-13Normalized all scripts to ASCII encodingmattifestation6-10/+10
2013-10-01Switching to ANSI from UTF8 encodingclymb3r1-2/+2
Scripts now work in 2008r2. I thought I tested before uploading but something broke somehow... Now the scripts work in 2008r2 and win8+
2013-09-30Fixes for Windows 8.1/.NET 4.5clymb3r1-2593/+2575
.NET 4.5 introduced breaking changes in the way Marshalling works. Added a fix so ReflectivePEInjection works with Windows 8.1/.NET4.5.
2013-09-03Call to DllMain when unloading reflective DLLclymb3r1-0/+9
Prior to this fix, DllMain with the ProessDetach flag was not called when unloading the reflectively loaded DLL. This was causing very weird crashes in the Invoke-NinjaCopy script which is built on this script. This should fix the crash.
2013-05-31Added Invoke-ReflectivePEInjectionMatt Graeber55-1549/+4244
Another awesome addition from Joe Bialek. Invoke-ReflectivePEInjection is a vast improvement over Invoke-ReflectiveDllInjection. It adds the following features: * Now supports loading exe files in memory * Supports reflective dll injection into a remote process * Additional sample Visual Studio solutions
2013-05-13Added an idiot filter to Watch-BlueScreenMatt Graeber1-3/+7
2013-05-13Added Watch-BlueScreenMatt Graeber2-1/+75
Causes a blue-screen (bugcheck) to occur.
2013-05-12Removed test code in Invoke-ShellcodeMSILMatt Graeber1-4/+1
There was some test code at the end of Invoke-ShellcodeMSIL that would cause the function to execute when the script was dotsourced.
2013-04-06Adding reflective DLL loading capabilityMatt Graeber14-1/+1956
Adding Invoke-ReflectiveDllInjection. PowerSploit now has reflective DLL loading capabilities!!! Thanks to Joe Bialek @JosephBialek for writing this awesome code!
2013-04-05Adding Invoke-ShellcodeMSILMatt Graeber2-87/+357
Invoke-ShellcodeMSIL executes shellcode without making any Win32 function calls.
2013-02-17Updated 64-32bit conversion logic for Metasploitbitform1-2/+2
2013-01-21Consistency improvements in comment-based helpbitform2-2/+2
2013-01-20Added 'CodeExecution' Modulebitform5-0/+1142
* I unfortunately needed to change the names of Inject-Shellcode and Inject-Dll to Invoke-Shellcode and Invoke-DllInjection in order to confirm to proper verb naming.
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-25 22:41:36 +0000