Commit log for path root/CodeExecution

Age | Commit message | Author | Files | Lines
2014-07-12 | Merge pull request #52 from clymb3r/master | Matt Graeber | 1 | -63/+157
Bug fixes to Invoke-ReflectivePEInjection
2014-07-10 | Bug fixes to Invoke-ReflectivePEInjection | clymb3r | 1 | -63/+157
Fixed a bug where calling GetProcAddress by ordinal instead of procedure name failed. Fixed a bug where reflectively loading an EXE will cause the entry function (main()) to be called twice instead of once as expected. Added a ForceASLR flag to force ASLR to be used even if the PE file doesn't officially support ASLR. Some minor other changes.
2014-06-21 | Invoke-DllInjection now calls RtlCreateUserThread | mattifestation | 1 | -24/+26
Calling CreateRemoteThread on lsass. Bug fix: Invoke-DllInjection was checking the processor architecture when it should have been validating the OS architecture. This would cause Invoke-DllInjection to fail on a 32-bit OS with a 64-bit processor.
2014-06-19 | Removing Watch-BlueScreen | mattifestation | 2 | -79/+1
This vulnerability was patched a while ago making this function largely irrelevant.
2013-11-13 | Normalized all scripts to ASCII encoding | mattifestation | 6 | -10/+10
2013-10-01 | Switching to ANSI from UTF8 encoding | clymb3r | 1 | -2/+2
Scripts now work in 2008r2. I thought I tested before uploading but something broke somehow... Now the scripts work in 2008r2 and win8+
2013-09-30 | Fixes for Windows 8.1/.NET 4.5 | clymb3r | 1 | -2593/+2575
.NET 4.5 introduced breaking changes in the way Marshalling works. Added a fix so ReflectivePEInjection works with Windows 8.1/.NET4.5.
2013-09-03 | Call to DllMain when unloading reflective DLL | clymb3r | 1 | -0/+9
Prior to this fix, DllMain with the ProcessDetach flag was not called when unloading the reflectively loaded DLL. This was causing very weird crashes in the Invoke-NinjaCopy script, which is built on this script. This should fix the crash.
2013-05-31 | Added Invoke-ReflectivePEInjection | Matt Graeber | 55 | -1549/+4244
Another awesome addition from Joe Bialek. Invoke-ReflectivePEInjection is a vast improvement over Invoke-ReflectiveDllInjection. It adds the following features:
* Now supports loading exe files in memory
* Supports reflective dll injection into a remote process
* Additional sample Visual Studio solutions
2013-05-13 | Added an idiot filter to Watch-BlueScreen | Matt Graeber | 1 | -3/+7
2013-05-13 | Added Watch-BlueScreen | Matt Graeber | 2 | -1/+75
Causes a blue-screen (bugcheck) to occur.
2013-05-12 | Removed test code in Invoke-ShellcodeMSIL | Matt Graeber | 1 | -4/+1
There was some test code at the end of Invoke-ShellcodeMSIL that would cause the function to execute when the script was dotsourced.
2013-04-06 | Adding reflective DLL loading capability | Matt Graeber | 14 | -1/+1956
Adding Invoke-ReflectiveDllInjection. PowerSploit now has reflective DLL loading capabilities!!! Thanks to Joe Bialek @JosephBialek for writing this awesome code!
2013-04-05 | Adding Invoke-ShellcodeMSIL | Matt Graeber | 2 | -87/+357
Invoke-ShellcodeMSIL executes shellcode without making any Win32 function calls.
2013-02-17 | Updated 64-32bit conversion logic for Metasploit | bitform | 1 | -2/+2
2013-01-21 | Consistency improvements in comment-based help | bitform | 2 | -2/+2
2013-01-20 | Added 'CodeExecution' Module | bitform | 5 | -0/+1142
* I unfortunately needed to change the names of Inject-Shellcode and Inject-Dll to Invoke-Shellcode and Invoke-DllInjection in order to conform to proper verb naming.