From 7ce33c794f39b2cc89f27484a6101160366cb7d8 Mon Sep 17 00:00:00 2001
From: bitform
Date: Sat, 26 May 2012 12:34:54 -0400
Subject: Complete rewrite of Powersyringe
---
 .gitattributes | 49 +++++++++++++++
 .gitignore | 165 +++++++++++++++++++++++++++++++++++++++++++++++++++
 Encrypt-Script.ps1 | Bin 0 -> 7550 bytes
 Inject-Dll.ps1 | Bin 0 -> 20068 bytes
 Inject-Shellcode.ps1 | Bin 0 -> 40362 bytes
 README | 19 ++++++
 Release_Notes.txt | 17 ++++++
 7 files changed, 250 insertions(+)
 create mode 100644 .gitattributes
 create mode 100644 .gitignore
 create mode 100644 Encrypt-Script.ps1
 create mode 100644 Inject-Dll.ps1
 create mode 100644 Inject-Shellcode.ps1
 create mode 100644 README
 create mode 100644 Release_Notes.txt
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..26ea710
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,49 @@
+*.doc diff=astextplain
+*.DOC diff=astextplain
+*.docx diff=astextplain
+*.DOCX diff=astextplain
+*.dot diff=astextplain
+*.DOT diff=astextplain
+*.pdf diff=astextplain
+*.PDF diff=astextplain
+*.rtf diff=astextplain
+*.RTF diff=astextplain
+
+*.jpg binary
+*.png binary
+*.gif binary
+
+*.cs text=auto diff=csharp
+*.vb text=auto
+*.c text=auto
+*.cpp text=auto
+*.cxx text=auto
+*.h text=auto
+*.hxx text=auto
+*.py text=auto
+*.rb text=auto
+*.java text=auto
+*.html text=auto
+*.htm text=auto
+*.css text=auto
+*.scss text=auto
+*.sass text=auto
+*.less text=auto
+*.js text=auto
+*.lisp text=auto
+*.clj text=auto
+*.sql text=auto
+*.php text=auto
+*.lua text=auto
+*.m text=auto
+*.asm text=auto
+*.erl text=auto
+*.fs text=auto
+*.fsx text=auto
+*.hs text=auto
+
+*.csproj text=auto merge=union
+*.vbproj text=auto merge=union
+*.fsproj text=auto merge=union
+*.dbproj text=auto merge=union
+*.sln text=auto eol=crlf merge=union
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c583f98
--- /dev/null
+++ b/.gitignore
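Review bot: The new `.gitattributes` lists many source extensions but has no entry for `*.ps1`, and the three PowerShell scripts added in this same commit are recorded as `Binary files /dev/null and b/Inject-Dll.ps1 differ`, so their content cannot be diffed or reviewed on this page or in later commits. The likely cause is that the scripts are saved in an encoding git does not detect as text (PowerShell editors commonly default to UTF-16); saving them as UTF-8 would let git diff them, and adding `*.ps1 text=auto` next to the other source extensions would keep their line endings normalized like the rest. For scripts whose purpose is to load code into other processes, a reviewable text history is the main way a maintainer or user can verify what changed between releases.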
@@ -0,0 +1,165 @@
+
+#################
+## Eclipse
+#################
+
+*.pydevproject
+.project
+.metadata
+bin/**
+tmp/**
+tmp/**/*
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.classpath
+.settings/
+.loadpath
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# CDT-specific
+.cproject
+
+# PDT-specific
+.buildpath
+
+
+#################
+## Visual Studio
+#################
+
+## Ignore Visual Studio temporary files, build results, and
+## files generated by popular Visual Studio add-ons.
+
+# User-specific files
+*.suo
+*.user
+*.sln.docstates
+
+# Build results
+**/[Dd]ebug/
+**/[Rr]elease/
+*_i.c
+*_p.c
+*.ilk
+*.meta
+*.obj
+*.pch
+*.pdb
+*.pgc
+*.pgd
+*.rsp
+*.sbr
+*.tlb
+*.tli
+*.tlh
+*.tmp
+*.vspscc
+.builds
+**/*.dotCover
+
+## TODO: If you have NuGet Package Restore enabled, uncomment this
+#**/packages/
+
+# Visual C++ cache files
+ipch/
+*.aps
+*.ncb
+*.opensdf
+*.sdf
+
+# Visual Studio profiler
+*.psess
+*.vsp
+
+# ReSharper is a .NET coding add-in
+_ReSharper*
+
+# Installshield output folder
+[Ee]xpress
+
+# DocProject is a documentation generator add-in
+DocProject/buildhelp/
+DocProject/Help/*.HxT
+DocProject/Help/*.HxC
+DocProject/Help/*.hhc
+DocProject/Help/*.hhk
+DocProject/Help/*.hhp
+DocProject/Help/Html2
+DocProject/Help/html
+
+# Click-Once directory
+publish
+
+# Others
+[Bb]in
+[Oo]bj
+sql
+TestResults
+*.Cache
+ClientBin
+stylecop.*
+~$*
+*.dbmdl
+Generated_Code #added for RIA/Silverlight projects
+
+# Backup & report files from converting an old project file to a newer
+# Visual Studio version. Backup files are not needed, because we have git ;-)
+_UpgradeReport_Files/
+Backup*/
+UpgradeLog*.XML
+
+
+
+############
+## Windows
+############
+
+# Windows image file caches
+Thumbs.db
+
+# Folder config file
+Desktop.ini
+
+
+#############
+## Python
+#############
+
+*.py[co]
+
+# Packages
+*.egg
+*.egg-info
+dist
+build
+eggs
+parts
+bin
+var
+sdist
+develop-eggs
+.installed.cfg
+
+# Installer logs
+pip-log.txt
+
+# Unit test / coverage reports
+.coverage
+.tox
+
+#Translations
+*.mo
+
+#Mr Developer
+.mr.developer.cfg
+
+# Mac crap
+.DS_Store
diff --git a/Encrypt-Script.ps1 b/Encrypt-Script.ps1
new file mode 100644
index 0000000..7d043d3
Binary files /dev/null and b/Encrypt-Script.ps1 differ
diff --git a/Inject-Dll.ps1 b/Inject-Dll.ps1
new file mode 100644
index 0000000..6f81ef2
Binary files /dev/null and b/Inject-Dll.ps1 differ
diff --git a/Inject-Shellcode.ps1 b/Inject-Shellcode.ps1
new file mode 100644
index 0000000..14b673c
Binary files /dev/null and b/Inject-Shellcode.ps1 differ
diff --git a/README b/README
new file mode 100644
index 0000000..637415e
--- /dev/null
+++ b/README
@@ -0,0 +1,19 @@
+PowerSploit is a series of Microsoft PowerShell scripts that can be used in post-exploitation scenarios during authorized penetration tests. PowerSploit is comprised of the following scripts:
+
+
+Inject-Dll:
+
+ Inject-Dll injects a Dll into the process ID of your choosing.
+
+Inject-Shellcode:
+
+ Inject-Shellcode injects shellcode into the process ID of your choosing or within PowerShell locally.
+
+Encrypt-Script:
+
+ Encrypt-Script will encrypt a script (or any text file for that matter) and output the results to a minimally obfuscated script - evil.ps1.
+
+
+Usage:
+
+ Refer to the comment-based help in each individual script for usage information.
\ No newline at end of file
diff --git a/Release_Notes.txt b/Release_Notes.txt
new file mode 100644
index 0000000..4fc2004
--- /dev/null
+++ b/Release_Notes.txt
@@ -0,0 +1,17 @@
+05/26/2012
+----------
+
+* All the features of PowerSyringe have now been split up into separate scripts which now fall under the PowerSploit project.
+* Completely rewrote the PowerSyringe code from scratch.
+* All scripts are now in conformance with proper PowerShell verb-noun agreement.
+* All the scripts are entirely memory-resident now. This feature is possible through reflection. For more information on the implementation details, read my blog post: http://www.exploit-monday.com/2012/05/accessing-native-windows-api-in.html
+* Improved error handing. Error handlers should pick up on every fault now.
+* Added calls to VirtualFree for proper cleanup.
+* Detailed output is now displayed when the -Verbose option is enabled.
+* CreateThread assembly stub is now implemented in a function and is much more readable.
+
+
+Original Powersyringe
+---------------------
+
+The original Powersyringe can still be found in my Google Docs page: https://docs.google.com/open?id=0B-K55rLoulAfOGZiYjQzZGEtMGE5NC00NDgwLThmYjctZjc5YmIxNDQ5ZTE2
-- 
cgit v1.2.3