June 22, 2018

Category: PowerShell

Using PowerSploit to inject MSFVenom shellcode

This article will discuss how we can use the rather brilliant PowerSploit project, coupled with MSFVenom, to inject a staged Meterpreter reverse HTTPS shell into a running process.  This script can then be Base64 encoded and used in a USB HID attack or a macro malware document and I will write the relevant guides for […]

PowerShell :: Base64 to string

Completing the numerous something to Base64 and back again scripts is this little one liner to get a string back from a Base64 encoded string.  This is useful a lot when doing offensive security as it allows you to store a script in Base64 then iex the decoded string.  ieex being an awesome PowerShell command […]

PowerShell :: export DNS zones to a hosts file

Picture the scene!  Your data centre has caught fire so you grab you disaster recovery jump kit and run off to the standby site to start powering things up.  Whether you are using VMware SRM, Veeam replication or block level SAN replication you are going to need to connect to some servers / appliances right? […]

PowerShell :: output email addresses from Active Directory

Hopefully you’ve landed here from my series on macro malware and you need to output a list of all you users email addresses to send them some dummy phishing emails for educational purposes.  If not and you need to output a list of all your email addresses in Active Directory then you’re still in the […]

PowerShell :: check the Exchange 2010 queues for Nagios

I wrote this little script to monitor the Exchange 2010 mail queues and flag up when there is some mail stuck in there.  In most infrastructures your emails will probably move onward to either a relay or AV appliance and a failure of one of these will see mail begin to back up on your […]

PowerShell :: checking VEEAM backups are running for Nagios

This is my second PowerShell script to check VEEAM is happy (the first one is here)and focuses on making sure jobs are still running.  Whilst its rare the job engine will freeze, I used to get this problem all the time with other products and so got used to writing checks for it.  The script is […]

PowerShell :: checking VEEAM backups for Nagios

This little script will check all the configured VEEAM backup jobs (not backup copy jobs) for any that have a last state as FAILED.  It will not check for any jobs that have a last sate of WARNING as these occur too often to make the check useful. If one backup job has failed, it […]

NsClient++ :: using PowerShell scripts

If you are using Nagios in a wintel environment, then you will almost certainly have heard of NsClient++, but if you haven’t its a fantastic Windows agent that listens on port 5666 (for check_nrpe commands from Nagios) and then if the received command is configured in its config file, it will execute it and return the result.  Those […]

PowerShell :: a macro malware sender

Hopefully you have landed here having read Part I and Part II of my How to make your own macro malware series and already have a little context behind this script.  In short, it came from a need to send an email with an attachment to hundreds of recipients whilst alternating the email content and spoofing the […]

PowerShell :: Convert text file to Base64

Hi, So this script will read the text from a plain text file and then encode it as Base64. It is useful for Base64 encoding PowerShell scripts if you are looking to pass the script as an encoded command line argument. You will need to set the $inputFilePath and $outputFilePath and then execute. You could […]
Page 1 of 212 »

Subscribe to SYNACK via Email