Commit Graph

591 Commits

Author SHA1 Message Date
HarmJ0y 666246362f Merge pull request #140 from Meatballs1/fix_groups_xml
PowerView - Fix Groups.xml Parsing
2016-05-18 11:10:18 -04:00
Harmj0y c89f0b9969 Logic bug fix in Get-NetDomainTrust 2016-05-13 01:11:47 -04:00
Harmj0y 7d3f0066ec Merge branch 'dev' of https://github.com/PowerShellMafia/PowerSploit into dev 2016-05-13 01:08:03 -04:00
Harmj0y 56824c1799 Get-NetDomainTrust now gets an -API option to enumerate trusts through DsEnumerateDomainTrusts()
Logic bug fix for Get-DNSZone
Bug fix for Get-NetLocalGroup
2016-05-13 01:07:24 -04:00
Meatballs 3e936765f5 Fix groupsxml parsing 2016-05-12 21:03:20 +01:00
Matt Graeber eec3704f40 Merge pull request #139 from sixdub/dev
Added Get-MicrophoneAudio.ps1 and associated Pester tests
2016-05-12 08:08:54 -07:00
sixdub debe4a565e Added Get-MicrophoneAudio.ps1 and associated Pester tests 2016-05-12 10:58:27 -04:00
HarmJ0y 30324b7c5e Merge pull request #135 from Meatballs1/trust_sids
Retrieve Domain SIDs with -LDAP
2016-05-09 21:24:57 -07:00
Harmj0y 7b4becfe72 Added Invoke-UserHunter field to keep output objects in sync. 2016-05-10 00:14:37 -04:00
HarmJ0y 31ed96d161 Merge pull request #136 from andyrobbins/dev
Added name resolution to custom PSObject generated by Invoke-UserHunter.
2016-05-09 21:12:42 -07:00
Andy Robbins 9f7906280d Added name resolution to custom PSObject generated by Invoke-UserHunter. 2016-05-10 00:01:38 -04:00
Harmj0y 6ada127538 Began adding custom PSObject TypeNames to various PowerView output objects. 2016-05-09 23:22:51 -04:00
Meatballs 6a39c26b06 Retrieve Domain SIDs with -LDAP 2016-05-09 22:24:23 +01:00
Matt Kelly 0cedaf6142 Adds PSLoggedOn like functionality
Adding in Get-LoggedOnLocal which uses HKU registry checks to see who
is logged locally to a remote box and only requires user level access
rights. The benefit over NetWkstaUserEnum is less user privileges
required (admin for NetWkstaUserEnum) and is the same process
PSLoggedOn uses.

Invoke-PSLoggedOn launches both Get-LoggedOnLocal and Get-NetSessions
and outputs the same format as PSLoggedOn.exe from Sysinternals.

I did not change Invoke-UserHunter non-stealth to this option yet, but
it is beneficial in that if you use both HKU and NetSessionEnum you
only require basic user level rights not admin remote.
2016-05-05 19:12:33 -05:00
Harmj0y 26cef85d35 Added Get-RegistryMountedDrive 2016-05-03 22:52:36 -04:00
Harmj0y fbf6f30833 Modified Convert-DNSRecord to return the base64 encoded record for record types not currently handled. 2016-04-27 19:11:49 -04:00
Harmj0y 1f90c29429 Added Get-DNSZone and Get-DNSRecord to enumerate AD DNS information.
Added Convert-DNSRecord (ported from Michael B. Smith's code at https://raw.githubusercontent.com/mmessano/PowerShell/master/dns-dump.ps1) - needs expansion work on record types
2016-04-27 18:42:51 -04:00
Harmj0y 68c446b9b9 Changed some property types in Get-ObjectACL 2016-04-25 19:52:39 -04:00
pyllyukko 75a37a0f17 Added ScheduledTaskHourly to New-UserPersistenceOption 2016-04-25 17:44:24 +03:00
Harmj0y 4cedfa1c30 Added Request-SPNTicket to request Kerberos tickets for specified SPNs 2016-04-24 10:56:07 -04:00
Harmj0y c52f9d712c For PowerView, added $Searcher.CacheResults = $False to Get-DomainSearcher
Added dispose() approach for the following cmdlets:
Get-NetUser, Get-ObjectAcl/Add-ObjectAcl, Get-GUIDMap, Get-NetComputer, Get-ADObject, Get-NetOU, Get-NetSite, Get-NetSubnet, Get-NetGroup, Get-NetGroupMember, Get-DFSshare, Get-NetGPO, Get-NetDomainTrust
2016-04-24 06:57:36 -04:00
HarmJ0y 7ed5343431 Merge pull request #128 from Meatballs1/fix_groups_xml
//Group -> //Groups
2016-04-24 12:17:48 +02:00
pyllyukko a6564f4483 Added ScheduledTaskHourly to New-ElevatedPersistenceOption 2016-04-16 17:03:17 +03:00
HarmJ0y 69a2cd1e33 Merge pull request #125 from leechristensen/patch-1
Change ComputerName default to the computer's name
2016-04-11 11:49:47 -07:00
leechristensen c8ff194089 Change ComputerName default to the computer's name
Change ComputerName default so Disabled doesn't report error
2016-04-11 11:02:31 +01:00
HarmJ0y 785f4757bd Merge pull request #122 from joncave/patch-1
Find-PathHijack: Expand environment variables in path
2016-04-08 12:59:01 -07:00
Meatballs 6daaef2706 //Group -> //Groups 2016-04-03 08:09:33 +01:00
Jon Cave 84b8e1da9a Find-PathHijack: Expand environment variables in path
Paths containing environment variables can cause false-positives to occur, e.g. `%SystemRoot%\system32\WindowsPowerShell\v1.0\`. `Find-PathHijack` will believe this is a relative path and will report it as hijackable if the current directory is writeable.
2016-03-20 21:28:22 +00:00
Harmj0y 37389e9658 Bug fix in Find-GPOLocation 2016-03-18 06:13:05 -04:00
Harmj0y 26a0757612 Added Get-SiteName to find the site a computer is a part of
Added -ComputerName parameter to Get-NetGPO to enumerate all GPOs a given computer has applied
Fixed bug in Find-GPOComputerAdmin and added site enumeration for GPO links
2016-03-15 15:13:32 -04:00
Harmj0y 13adf516d5 Moved admin check for Get-System to allow for RevToSelf 2016-03-15 15:13:02 -04:00
Harmj0y 6a17f759ab Added Get-System to Privesc/
Added Pester tests for Get-System
2016-03-11 17:45:46 -05:00
Harmj0y dee094a993 Additional error checking in Get-DFSshare 2016-03-11 16:37:14 -05:00
HarmJ0y dedd805eaa Merge pull request #118 from Meatballs1/dfs_v1_pkt
Parse DFSv1 PKT
2016-03-11 13:35:14 -08:00
Matt Graeber be2a8ecf15 Get-TimedScreenshot enhancement. Issue #114
Get-TimedScreenshot now captures the entire screen. The screen
resolution is obtained via WMI. If for some reason that fails, it will
fall back to the old, less ideal method.
2016-03-10 18:00:43 -08:00
Matt Graeber f305e31cf5 Bugfix: Invoke-TokenManipulation. Issue #112
Fixed the PSv4 dependency for obtaining process ownership information.
Thanks to @mmashwani for suggesting the WMI solution.
2016-03-10 16:48:37 -08:00
Harmj0y 2e1d49db33 Fixed bug with Get-NetGroupMember and computer accounts.
samaccounttype enumeration now more accurate.
2016-03-09 20:02:18 -05:00
Harmj0y 625705781e fix for Find-GPOComputerAdmin 2016-03-09 16:23:27 -05:00
Harmj0y 2e0197603c Bug fix for Invoke-EnumerateLocalAdmin 2016-03-09 15:37:38 -05:00
Harmj0y 236b16430c Removed Set-MacAttribute and Copy-ClonedFile
Combined Convert-NT4toCanonical and Convert-DomainSimpletoNT4 into Convert-ADName
2016-03-09 15:08:27 -05:00
Harmj0y e029509889 Added New-GPOImmediateTask 2016-03-07 19:17:25 -05:00
Harmj0y a87453eeca DomainOnly tweak 2016-03-07 02:53:30 -05:00
Harmj0y c883dabf77 Added -DomainOnly flag to Invoke-EnumerateLocalAdmin 2016-03-07 02:50:24 -05:00
Harmj0y 1c664758ce renamed output field for Get-NetLocalGroup API 2016-03-07 02:20:26 -05:00
Harmj0y b4891eb371 Added NetLocalGroupGetMembers enumeration method for Get-NetLocalGroup with the -API flag
Fixed threading specification in most threaded functions.
2016-03-07 02:00:00 -05:00
Meatballs 661b11ed3c Parse DFSv1 PKT 2016-03-07 05:32:36 +00:00
Harmj0y 26ca1a922e Added additional fields to Get-NetLocalGroup results. 2016-03-06 21:47:06 -05:00
Harmj0y 46e12414e8 Modified output of Find-GPOLocation to return more object information. 2016-02-28 23:05:28 -05:00
Harmj0y 4aea2f12f9 -fixed several bugs in Find-GPOLocation (-GroupName now works properly and Sites returned)
-Find-GPOLocation with no arguments now returns all mappings
-fixed parsing issue in Get-NetGPOGroup- names now properly extracted from restricted group templates
2016-02-28 22:30:22 -05:00
Harmj0y 6de1d78af8 Added Pester tests for Get-SiteListPassword
Encrypted password check for Get-SiteListPassword fields
2016-02-12 17:25:13 -05:00