Posts

Showing posts from February, 2020

Porting exploits from exploit-db to PowerShell - PSP Assignment 0x5

Before we start, I would like to bring your attention to this PSP course from Pentester Academy - https://www.pentesteracademy.com/course?id=21. The course is focused on PowerShell scripting that can be used in pentesting activities.

(Image Source - xcart)

Description - A PowerShell script to exploit the WordPress Plugin Is-human 1.4.2 - Remote Command Execution and Lunar CMS 3.3 Unauthenticated Remote Command Execution vulnerabilities.

Exploit DB -

1. https://www.exploit-db.com/exploits/17299/
2. https://www.exploit-db.com/exploits/33867

The script can be found on my github - https://github.com/hexachordanu/PSP/blob/master/Exploits.ps1

This blog post has been created for completing the requirements of the SecurityTube PowerShell for Penetration Testers Certification Exam https://www.pentesteracademy.com/course?id=21

Student ID: PSP-3250

Search for Stored Passwords - PSP Assignment 0x4

Before we start, I would like to bring your attention to this PSP course from Pentester Academy - https://www.pentesteracademy.com/course?id=21. The course is focused on PowerShell scripting that can be used in pentesting activities.

(Image Source: Forbse)

Description - A PowerShell script that extracts locally stored passwords from the system.

References -

- https://www.itechtics.com/find-wifi-password/
- https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/gather/credentials/windows_autologin.rb
- https://devblogs.microsoft.com/scripting/use-powershell-to-decrypt-lsa-secrets-from-the-registry/
- https://github.com/samratashok/nishang/blob/master/Gather/Get-LSASecret.ps1
- https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Get-GPPPassword.ps1

The script c...

Scan Directory Permissions - PSP Assignment 0x3

Before we start, I would like to bring your attention to this PSP course from Pentester Academy - https://www.pentesteracademy.com/course?id=21. The course is focused on PowerShell scripting that can be used in pentesting activities.

Description - A PowerShell script that enumerates directories inside folders which are writable by non-admin users and prints them out for the user.

References -

- https://sa1m0nz.wordpress.com/2018/01/26/enumerate-directories-inside-cwindowssystem32-which-are-writable-by-non-admin-users-powershell-for-pentesters-task-3/

The script can be found on my github - https://github.com/hexachordanu/PSP/blob/master/Enum-DirPermission.ps1

This blog post has been created for completing the requirements of the SecurityTube PowerShell for Penetration Testers Certification Exam https://www.pentesteracademy.com/course?id=21

Student ID: PSP-3250

Enumerate Shares in a Network - PSP Assignment 0x2

Before we start, I would like to bring your attention to this PSP course from Pentester Academy - https://www.pentesteracademy.com/course?id=21. The course is focused on PowerShell scripting that can be used in pentesting activities.

(Image Source: winaero)

Description - A PowerShell script that takes a list of target IPs and enumerates all open shares in a network, marking them with read and write access separately.

References -

- https://gallery.technet.microsoft.com/scriptcenter/a231026a-3fdb-4190-9915-38d8cd827348

The script can be found on my github - https://github.com/hexachordanu/PSP/blob/master/Scan-Shares.ps1

This blog post has been created for completing the requirements of the SecurityTube PowerShell for Penetration Testers Certification Exam https://www.pentesteracademy.com/course?id=21

Student ID: PSP-3250