infosecn1nja
/
PoshC2_Python
mirror of https://github.com/infosecn1nja/PoshC2_Python.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
PoshC2_Python/Modules/Get-ServicePerms.ps1

29 lines
15 KiB
PowerShell
Raw Normal View History

Initial Commit
2018-07-23 08:55:15 +00:00
# Service Permission Checker
# Ben Turner @benpturner
<#
.Synopsis
Service Permission Checker
.DESCRIPTION
Service Permission Checker
.EXAMPLE
PS C:\> Get-ServicePerms -Path C:\temp\
#>
$sploaded = $null
Function Get-ServicePerms {
if ($sploaded -ne "TRUE") {
$script:sploaded = "TRUE"
echo "Loading Assembly"
$i = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAK47qFoAAAAAAAAAAOAAIiALATAAACQAAAAGAAAAAAAAwkMAAAAgAAAAYAAAAAAAEAAgAAAAAgAABAAAAAAAAAAEAAAAAAAAAACgAAAAAgAAAAAAAAMAQIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAHBDAABPAAAAAGAAALgDAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAwAAAA4QgAAHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAAyCMAAAAgAAAAJAAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAALgDAAAAYAAAAAQAAAAmAAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAAIAAAAACAAAAKgAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAACkQwAAAAAAAEgAAAACAAUAHC0AABwVAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABswBQBTAgAAAQAAEQNvDgAACnIBAABwbw8AAAomA28OAAAKcgEAAHBvEAAACm8RAAAKchEAAHBvEgAACiYDbw4AAApyAQAAcG8QAAAKbxEAAApyHwAAcG8SAAAKJhQKFAsCbxMAAAoTBDiRAQAAEgQoFAAAChMFFAoUCxEFGHMVAAAKFxfQJwAAASgWAAAKbxcAAApvGAAAChMGOA0BAAARBm8ZAAAKdBQAAAETB3I3AABwChuNDwAAASUWEQdvGgAACqIlF3I5AABwoiUYEQdvGwAACowwAAABoiUZcjkAAHCiJRoRB28cAAAKjDEAAAGiKB0AAAoKBnI9AABwbx4AAAoGckkAAHBvHgAACl8sEXJXAABwBnKTAABwKB8AAAoKBnI9AABwbx4AAAoGcqkAAHBvHgAACl8sEXJXAABwBnKTAABwKB8AAAoKBnLBAABwbx4AAAoGckkAAHBvHgAACl8sEXJXAABwBnKTAABwKB8AAAoKBnLBAABwbx4AAAoGcqkAAHBvHgAACl8sEXJXAABwBnKTAABwKB8AAAoKBwZy0wAAcCgfAAAKCxEGbyAAAAo65/7//94VEQZ1FQAAARMIEQgsBxEIbyEAAArc3gMm3gADbw4AAApyAQAAcG8QAAAKbyIAAAoYjQ8AAAElFhEFoiUXB6JvIwAACiYSBCgkAAAKOmP+///eDhIE/hYCAAAbbyEAAArcKCUAAAomA28OAAAKct8AAHBvEAAACigDAAAGDANvDgAACnIBAABwbxAAAAooBAAABg1y8QAAcAgJKCYAAAooJwAACioAQUwAAAIAAACPAAAAIAEAAK8BAAAVAAAAAAAAAAAAAABvAAAAVwEAAMYBAAADAAAADwAAAQIAAABdAAAApAEAAAECAAAOAAAAAAAAABswCAAjBQAAAgAAESglAAAKJnMoAAAKJnMoAAAKCnMpAAAKCwdvDgAACnLfAABwbw8AAAomB28OAAAKct8AAHBvEAAACm8RAAAKchkBAHBvEgAACiYHbw4AAApy3wAAcG8QAAAKbxEAAApyMwEAcG8SAAAKJgdvDgAACnLfAABwbxAAAApvEQAACnJFAQBwbxIAAAomB28OAAAKct8AAHBvEAAACm8RAAAKch8AAHBvEgAACiYHbw4AAApy3wAAcG8QAAAKbxEAAApyWQEAcG8SAAAKJnKBAQBwcyoAAApzKwAACm8sAAAKby0AAAoMOBwEAAAIby4AAAp0GAAAAQ1yNwAAcBMECXK5AQBwby8AAApvMAAACnI3AABwKDEAAAosBd3oAwAACXK5AQBwby8AAApvMAAAChME3gMm3gByNwAAcBMFcjcAAHATBhEEcssBAHAXKDIAAAoTBxEHbzMAAAo5qAMAABEHbzQAAAoXbzUAAApvNgAACnLhAQBwKCYAAAoTCBEIcusBAHBvHgAACi0XEQhyOQAAcG8eAAAKLAly7wEAcBMGKwdyBQIAcBMGEQdvNAAAChdvNQAACm82AAAKcuEBAHAoJgAAChMFEQVy6wEAcHI3AABwbzcAAAoTBRQTCRQTChEFGHMVAAAKEQVzOAAACiYXF9AnAAABKBYAAApvFwAACm8YAAAKEw84IgEAABEPbxkAAAp0FAAAARMQcjcAAHATChuNDwAAASUWERBvGgAACqIlF3I5AABwoiUYERBvGwAACowwAAABoiUZcjkAAHCiJRoREG8cAAAKjDEAAAGiKB0AAAoTChEKcj0AAHBvHgAAChEKckkAAHBvHgAACl8sE3JXAABwEQpykwAAcCgfAAAKEwoRCnI9AABwbx4AAAoRCnKpAABwbx4AAApfLBNyVwAAcBEKcpMAAHAoHwAAChMKEQpywQAAcG8eAAAKEQpySQAAcG8eAAAKXywTclcAAHARCnKTAABwKB8AAAoTChEKcsEAAHBvHgAAChEKcqkAAHBvHgAACl8sE3JXAABwEQpykwAAcCgfAAAKEwoRCREKctMAAHAoHwAAChMJEQ9vIAAACjrS/v//3hURD3UVAAABExERESwHERFvIQAACtzeFiZyEQIAcBEFcjMCAHAoHwAAChMJ3gARBXI3AgBwFygyAAAKEwsRC28zAAAKLBMRC280AAAKF281AAAKbzAAAAomEQVzOAAACm85AAAKEwwrOQYRDG86AAAKbzAAAApvOwAACm88AAAKLRcGEQxvOgAACm8wAAAKbzsAAApvPQAAChEMbz4AAAoTDBEMLcNyNwAAcBMNCXJhAgBwby8AAApvMAAACnM/AAAKEw4RDm9AAAAKExUSFf4WHAAAAW8wAAAKEw0RDm9BAAAKExIRDm9CAAAKExMRDm9DAAAKExQdjTIAAAElFhENoiUXcmsCAHCiJRgSEihEAAAKoiUZcp0CAHCiJRoSEyhEAAAKoiUbcrkCAHCiJRwSFChEAAAKoihFAAAKEw3eFRMWctsCAHARFihGAAAKKEcAAAreAAdvDgAACnLfAABwbxAAAApvIgAAChuNDwAAASUWCXLnAgBwby8AAApvMAAACnL/AgBwCXJhAgBwby8AAApvMAAACnIFAwBwKEgAAAqiJRcRBqIlGAlyuQEAcG8vAAAKbzAAAAqiJRkRCaIlGhENom8jAAAKJghvSQAACjrZ+///3goILAYIbyEAAArcBgcoAQAABioAQXwAAAAAAAD7AAAANQAAADABAAADAAAADwAAAQIAAAAFAgAANQEAADoDAAAVAAAAAAAAAAAAAADdAQAAdAEAAFEDAAAWAAAADwAAAQAAAAD9AwAAfQAAAHoEAAAVAAAAHQAAAQIAAADjAAAALgQAABEFAAAKAAAAAAAAABswAwAMAgAAAwAAEQItC3IJAwBwc0oAAAp6c0sAAAoKBnIhAwBwb0wAAAomBnIvAwBwb0wAAAomBnI9AwBwb0wAAAomBnJNAwBwb0wAAAomBihNAAAKCxIB/hYgAAABbzAAAApvTAAACiYGclkDAHBvTAAACiYGcmsDAHBvTAAACiYGcnsDAHBvTAAACiYGcokDAHBvTAAACiYGciwEAHBvTAAACiYGcpYEAHBvTAAACiYGcv4EAHBvTAAACiYCbxEAAApvTgAACgwrMQhvGQAACnQhAAABDQZyPAUAcG9MAAAKJgYJb08AAApvTAAACiYGcnoFAHBvTAAACiYIbyAAAAotx94UCHUVAAABEwQRBCwHEQRvIQAACtwGcoYFAHBvTAAACiYCbyIAAApvTgAACgw4lAAAAAhvGQAACnQiAAABEwUGcv4EAHBvTAAAC
$dllbytes = [System.Convert]::FromBase64String($i)
$assembly = [System.Reflection.Assembly]::Load($dllbytes)
}
[ServicePerms]::dumpservices()
$computer = $env:COMPUTERNAME
$complete = "[+] Writing output to C:\Temp\Report.html"
echo "[+] Completed Service Permissions Review"
echo "$complete"
}