PowerShell

Obfuscate scripts

SecureString

ObfuscationBible

Constrained Language Mode Bypass

Research Source

powershell.exe -version 2
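A defender-side check for the downgrade above, as an added example that is not part of the original notes: it flags command lines that start Windows PowerShell with the 2.0 engine, which predates Constrained Language Mode. The function name Test-PSv2Downgrade and the sample command lines are constructed for illustration.

```powershell
# Added defensive example: flag PowerShell 2.0 engine downgrades in process
# command lines (e.g. from process-creation logs with command-line auditing).

# Matches -Version, or any prefix of it (-v, -ve, -ver, ...), followed by
# 2 or 2.0, with either '-' or '/' as the parameter prefix.
$DowngradePattern = '(?i)(?:^|\s)[-/]v(?:e(?:r(?:s(?:i(?:on?)?)?)?)?)?\s+2(?:\.0)?(?:\s|$)'

function Test-PSv2Downgrade {
    param([Parameter(Mandatory)][string]$CommandLine)

    # Only consider invocations of the Windows PowerShell host
    if ($CommandLine -notmatch '(?i)\bpowershell(?:\.exe)?\b') { return $false }

    # Note: arguments passed to a script via -File can also match; triage hits
    return [bool]($CommandLine -match $DowngradePattern)
}

# Constructed sample command lines (not taken from real logs)
$samples = @(
    'powershell.exe -version 2',
    'powershell -v 2.0 -NoProfile -Command "Get-Date"',
    'powershell.exe -NoProfile -File C:\Scripts\backup.ps1',
    'powershell.exe -version 5.1 -Command "Get-Date"',
    'cmd.exe /c ver'
)

$samples | ForEach-Object {
    [pscustomobject]@{
        Downgrade   = Test-PSv2Downgrade -CommandLine $_
        CommandLine = $_
    }
} | Format-Table -AutoSize

# Host-side checks (Windows client, elevated session), left commented out so
# the example runs anywhere:
#
# Is the 2.0 engine still installed as an optional feature?
#   Get-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2Root
#
# Has the 2.0 engine been started? Engine-start events (ID 400) in the
# "Windows PowerShell" log record the engine version.
#   Get-WinEvent -FilterHashtable @{ LogName = 'Windows PowerShell'; Id = 400 } |
#       Where-Object { $_.Message -match 'EngineVersion=2\.0' }
```

Removing the PowerShell 2.0 optional feature where it is not needed closes this path; the command-line and event-log checks cover hosts where it must stay installed.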

Check groups & SID with WMI

# Determine the current user
$currentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent()

# Build a list of the group SIDs in the current user's token
$privileges = @()
$currentUser.Groups | ForEach-Object {
    $group = $_
    $sid = $group.Value
    # Translate() throws when a SID cannot be mapped to an account name;
    # keep the SID and leave the name empty in that case
    try {
        $name = $group.Translate([System.Security.Principal.NTAccount]).Value
    } catch {
        $name = ''
    }
    $priv = New-Object -TypeName PSObject -Property @{
        SID = $sid
        Name = $name
    }
    $privileges += $priv
}

# Output the group list
$privileges | Format-Table

System enumeration

Check whoami + domain

In cmd:

Type "echo %USERDOMAIN%" and press Enter. This will display your domain name.

Type "echo %USERNAME%" and press Enter. This will display your username.
