From cfab3761129abbc9e1bfdb0ff3a2c309d6f43726 Mon Sep 17 00:00:00 2001 From: Cn33liz Date: Sat, 20 Feb 2016 14:07:02 +0100 Subject: [PATCH 1/2] Update README.md --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 0e1637d..b56b439 100644 --- a/README.md +++ b/README.md @@ -64,8 +64,8 @@ InstallUtil.exe /logfile= /LogToConsole=false /U C:\p0wnedShell\p0wnedShellx64.e * PowerSploit Invoke-ReflectivePEInjection * PowerSploit Invoke-Mimikatz * PowerSploit Invoke-TokenManipulation -* Veil's PowerTools PowerUp -* Veil's PowerTools PowerView +* PowerSploit PowerUp +* PowerSploit PowerView * HarmJ0y's Invoke-Psexec * Besimorhino's PowerCat * Nishang Invoke-PsUACme @@ -75,6 +75,7 @@ InstallUtil.exe /logfile= /LogToConsole=false /U C:\p0wnedShell\p0wnedShellx64.e * Nishang Port-Scan * Nishang Copy-VSS * Kevin Robertson Invoke-Inveigh +* Kevin Robertson Tater Powershell functions within the Runspace are loaded in memory from [Base64 encode strings](https://github.com/Cn33liz/p0wnedShell/blob/master/Utilities/PS1ToBase64.ps1). @@ -91,7 +92,7 @@ Binaries are loaded in memory using ReflectivePEInjection (Byte arrays are compr ### Shout-outs: -p0wnedshell is heavily based on tools and knowledge from people like harmj0y, the guys from Powersploit, Sean Metcalf, SubTee, Nikhil Mittal, Besimorhino, Benjamin Delpy e.g. So shout-outs go to them and of course to our friends in Redmond for giving us access to a very powerfull hacking language. +p0wnedshell is heavily based on tools and knowledge from people like harmj0y, the guys from Powersploit, Sean Metcalf, SubTee, Nikhil Mittal, Besimorhino, Benjamin Delpy, Breenmachine, FoxGlove Security, Kevin Robertson and anyone else i forgot. So shout-outs go to them and of course to our friends in Redmond for giving us access to a very powerfull hacking language. ### Todo: From e11d69834314d86420ce5048c1321df785d0c3c6 Mon Sep 17 00:00:00 2001 
From: Cn33liz Date: Sat, 20 Feb 2016 14:19:45 +0100 Subject: [PATCH 2/2] Added Changelog --- CHANGELOG.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..ff2ef88 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,15 @@ +### Changelog: + +#### Version 1.3: + +* PowerSploit tools updated. +* Updated Mimikatz to latest version. +* Updated MS14-068 Exploit (Kekeo) to latest version. +* New version of Didier Stevens modification of ReactOS Command Prompt incl. Backup Privileges. +* Added Tater, the PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit. +* Added automation to get a SYSTEM command shell using Token Manipulation (Invoke-TokenManipulation). +* Added automation to find machines in the Domain where Domain Admins are logged into (PowerView). + +#### Version 1.2: + +* First Public Release.
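Review bot: the two replaced entries in the README.md hunk at -64,8 (`* PowerSploit PowerUp`, `* PowerSploit PowerView`) change the credited upstream but give no release or commit for the copy that ships with the tool. The README context says these functions are loaded in memory from Base64 encoded strings, so a reader cannot tell from the file which upstream revision is embedded. Suggest appending the upstream version or commit to each entry in this list.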
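Review bot: the added line `* Kevin Robertson Tater` in the README.md hunk at -75,6 does not say what Tater is, while CHANGELOG.md in patch 2/2 describes it as the PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit. Suggest carrying that description into the README entry so the feature list and the changelog agree and the list can be read on its own.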
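Review bot: style points on the rewritten shout-outs sentence in the README.md hunk at -91,7: "anyone else i forgot" should capitalise "I", "powerfull" is still misspelled on the line being replaced and can be fixed in the same change, and "Powersploit" here differs from the "PowerSploit" spelling used in the list entries earlier in the same file. Suggest correcting all three while the line is being touched.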
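Review bot: the Version 1.3 entries in the new CHANGELOG.md say "Updated Mimikatz to latest version" and "Updated MS14-068 Exploit (Kekeo) to latest version" without naming a version, and neither the 1.3 nor the 1.2 heading carries a release date, so "latest" cannot be resolved by anyone reading the file later. Suggest stating the upstream version or commit for each updated component and adding a date to each `#### Version` heading, so that a given build can be matched to what it embeds.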