JK
Uploaded byJohan Klerk
197 views

2010 za con_jameel_haffejee

This document introduces PowerShell and explains why hackers should learn it. PowerShell can be used for tasks like port scanning, brute forcing RDP/SQL, dumping password hashes, and quickly setting up backdoors. It comes preinstalled on many modern Windows systems and provides an unchecked environment for accessing and controlling the operating system through commands and scripting. The document demonstrates various hacking techniques that can be accomplished using PowerShell, such as poking the system, checking for open ports, and gaining complete control over servers after initial access.

Embed presentation

Download to read offline
PowerShell – what every haXor needs to know Jameel  Haffejee  /  RC1140    
What is PowerShell Its awesome
Why Should you care ?  Its installed by default on a growing number of MS OS’s   Windows 7   Windows Server 2K8R2  Optional On Windows XP SP 3  Its an alternate scriptable way to access the OS  It’s a unchecked environment at the moment
Accessing PowerShell •  Can be accessed via the Start Menu or Run •  Can be called from within batch files •  Accessed via its hostable core in any supported language
Execution Policies •  Restricted (Default) •  Signed •  Remote Signed •  Unrestricted •  Bypass •  PowerShell Does not require admin privileges to run and most commands work without the need for admin access.
PowerShell Trinity  Where it all begins and ends, Get-Help , Get-Command ,Get- member
Hello World •  Variables •  String Types •  Loops •  Running a script •  ISE , Yes is comes with a ISE :P
Poking the System with PowerShell  One Liners – Because everyone has to count their keystrokes till doom  Accessing windows through WMI and COM  Making use of Active Directory to index machines on the network  What can we do with more than one line
Knock Knock – Is that port open  No direct PowerShell interfaces so we have to resort to .Net  Making socket connections in PowerShell   $tcpclient = new-Object system.Net.Sockets.TcpClient   $tcpclient.Connect('localhost','80')  Creating and using a Port Scanner in PowerShell  Finally setting up a basic bind interface to listen on our port of choice i.e Basic netcat
Breaking Down the front door  Brute Forcing RDP/SQL with PowerShell
Popped The Cork   So now that you have access to a PC/Server what can you do ?   Dumping Hashes   Complete control over IIS from the command line   Setting up a bot with PowerShell   Setting up backdoor access in 60 seconds, Assuming you have physical access (Still possible without physical access as well )
Questions and Contact Info Twi3er  :  h3p://twi3er.com/RC1140   Mail            :  jameel@superuser.co.za   IRC          :  #ZaCon  (On  Atrum)                #PowerShell  (On  FreeNode)   Code          :  h3p://github.com/rc1140/zacon  

More Related Content

PDF
Privileges Escalation by Exploiting Client-Side Vulnerabilities Using Metasploit
byVishal Kumar
 
PPTX
Auditing System Password Using L0phtcrack
byVishal Kumar
 
PPTX
Dumping and Cracking SAM Hashes to Extract Plaintext Passwords
byVishal Kumar
 
PDF
Exploiting Client-Side Vulnerabilities and Establishing a VNC Session
byVishal Kumar
 
PPTX
Fixing 403 Forbidden Nginx Errors
byVEXXHOST Private Cloud
 
PPTX
Denial of service attack part 2
byKaustubh Padwad
 
ODP
PandoraFMS: Free Monitoring System
byEnrique Verdes
 
ODP
Caching web contents in the browser
byIgnacio Coloma
 
Privileges Escalation by Exploiting Client-Side Vulnerabilities Using Metasploit
byVishal Kumar
 
Auditing System Password Using L0phtcrack
byVishal Kumar
 
Dumping and Cracking SAM Hashes to Extract Plaintext Passwords
byVishal Kumar
 
Exploiting Client-Side Vulnerabilities and Establishing a VNC Session
byVishal Kumar
 
Fixing 403 Forbidden Nginx Errors
byVEXXHOST Private Cloud
 
Denial of service attack part 2
byKaustubh Padwad
 
PandoraFMS: Free Monitoring System
byEnrique Verdes
 
Caching web contents in the browser
byIgnacio Coloma
 

What's hot

PPTX
Recon with Nmap
byOWASP Delhi
 
PDF
CNIT 124: Ch 8: Exploitation
bySam Bowne
 
PPTX
Pentesting Cloud Environment
byVengatesh Nagarajan
 
PPTX
PHPCS (PHP Code Sniffer)
byOleksii Prohonnyi
 
PPTX
Ent wiki a short introduction
byBalasubramanian Thiagarajan
 
PDF
[TUTORIAL] PetitParser
byESUG
 
PPTX
Post exploitation using powershell
byMihir Shah
 
PPT
Root via XSS
byPositive Hack Days
 
PPT
Addmi 12-basic scan
byodanyboy
 
PPT
Presentation (PPT)
bywebhostingguy
 
PPTX
Hands on experience Open Journal Installation
byBalasubramanian Thiagarajan
 
PDF
Configuration of Ansible - DevOps: Beginner's Guide To Automation With Ansible
byTetraNoodle_Tech
 
PDF
Jones_Lamp_Tutorial
byOlivia J. Jones
 
PPT
Networking session-4-final by aravind.R
byNavaneethan Naveen
 
DOCX
gfd
byluloon
 
PPTX
บทที่ 3 การเขียนโปรแกรมติดต่อฐานข้อมูล
byPriew Chakrit
 
PPTX
Ddos final part
byKaustubh Padwad
 
Recon with Nmap
byOWASP Delhi
 
CNIT 124: Ch 8: Exploitation
bySam Bowne
 
Pentesting Cloud Environment
byVengatesh Nagarajan
 
PHPCS (PHP Code Sniffer)
byOleksii Prohonnyi
 
Ent wiki a short introduction
byBalasubramanian Thiagarajan
 
[TUTORIAL] PetitParser
byESUG
 
Post exploitation using powershell
byMihir Shah
 
Root via XSS
byPositive Hack Days
 
Addmi 12-basic scan
byodanyboy
 
Presentation (PPT)
bywebhostingguy
 
Hands on experience Open Journal Installation
byBalasubramanian Thiagarajan
 
Configuration of Ansible - DevOps: Beginner's Guide To Automation With Ansible
byTetraNoodle_Tech
 
Jones_Lamp_Tutorial
byOlivia J. Jones
 
Networking session-4-final by aravind.R
byNavaneethan Naveen
 
gfd
byluloon
 
บทที่ 3 การเขียนโปรแกรมติดต่อฐานข้อมูล
byPriew Chakrit
 
Ddos final part
byKaustubh Padwad
 

Viewers also liked

PPT
Training management
byMezbah Uddin
 
DOC
Cv paola aliaga 21
byPaola Aliaga
 
PDF
2010 za con_georg-christian_pranschke
byJohan Klerk
 
PDF
2010 za con_ian_de_villiers
byJohan Klerk
 
PDF
2010 za con_daniel_cuthbert
byJohan Klerk
 
PDF
2010 za con_ivan_burke
byJohan Klerk
 
PDF
2010 za con_jurgens_van_der_merwe
byJohan Klerk
 
PDF
2010 za con_barry_irwin
byJohan Klerk
 
PDF
2010 za con_roelof_temmingh
byJohan Klerk
 
PDF
2010 za con_stephen_kreusch
byJohan Klerk
 
PDF
2010 za con_todor_genov
byJohan Klerk
 
PPTX
Arts railway station tv exp
byMezbah Uddin
 
PPTX
Arts railway station tv exp
byMezbah Uddin
 
PDF
2010 za con_haroon_meer
byJohan Klerk
 
PDF
Anexo a demanda impugnacion laudo sunat comprimido
byPaola Aliaga
 
PDF
4 pliego reclamo 2015
byPaola Aliaga
 
Training management
byMezbah Uddin
 
Cv paola aliaga 21
byPaola Aliaga
 
2010 za con_georg-christian_pranschke
byJohan Klerk
 
2010 za con_ian_de_villiers
byJohan Klerk
 
2010 za con_daniel_cuthbert
byJohan Klerk
 
2010 za con_ivan_burke
byJohan Klerk
 
2010 za con_jurgens_van_der_merwe
byJohan Klerk
 
2010 za con_barry_irwin
byJohan Klerk
 
2010 za con_roelof_temmingh
byJohan Klerk
 
2010 za con_stephen_kreusch
byJohan Klerk
 
2010 za con_todor_genov
byJohan Klerk
 
Arts railway station tv exp
byMezbah Uddin
 
Arts railway station tv exp
byMezbah Uddin
 
2010 za con_haroon_meer
byJohan Klerk
 
Anexo a demanda impugnacion laudo sunat comprimido
byPaola Aliaga
 
4 pliego reclamo 2015
byPaola Aliaga
 

Similar to 2010 za con_jameel_haffejee

PDF
Sql Server & PowerShell
byAaron Shilo
 
PPTX
Introducing PS>Attack: An offensive PowerShell toolkit
byjaredhaight
 
PPTX
PowerShell-1
bySaravanan G
 
PDF
Power on, Powershell
byRoo7break
 
PDF
The Dark Side of PowerShell by George Dobrea
byEC-Council
 
PPTX
Powering up on power shell avengercon - 2018
byFernando Tomlinson, CISSP, MBA
 
PPTX
Powering up on PowerShell - BSides Greenville 2019
byFernando Tomlinson, CISSP, MBA
 
PPTX
Incorporating PowerShell into your Arsenal with PS>Attack
byjaredhaight
 
PDF
From P0W3R to SH3LL
byArthur Paixão
 
PPTX
PowerShell for Cyber Warriors - Bsides Knoxville 2016
byRussel Van Tuyl
 
PPTX
Building an Empire with PowerShell
byWill Schroeder
 
PDF
Powering up on PowerShell - BSides Charleston - Nov 2018
byFernando Tomlinson, CISSP, MBA
 
PPTX
PowerShellForDBDevelopers
byBryan Cafferky
 
PDF
Ranger BSides-FINAL
byChristopher Duffy, D.Sc.
 
PPTX
Pwning the Enterprise With PowerShell
byBeau Bullock
 
PPTX
Pwning with powershell
byjaredhaight
 
PDF
Who Should Use Powershell? You Should Use Powershell!
byBen Finke
 
PPTX
Get-Help: An intro to PowerShell and how to Use it for Evil
byjaredhaight
 
PPTX
PowerShell - Be A Cool Blue Kid
byMatthew Johnson
 
PPTX
PSConfEU - Building an Empire with PowerShell
byWill Schroeder
 
Sql Server & PowerShell
byAaron Shilo
 
Introducing PS>Attack: An offensive PowerShell toolkit
byjaredhaight
 
PowerShell-1
bySaravanan G
 
Power on, Powershell
byRoo7break
 
The Dark Side of PowerShell by George Dobrea
byEC-Council
 
Powering up on power shell avengercon - 2018
byFernando Tomlinson, CISSP, MBA
 
Powering up on PowerShell - BSides Greenville 2019
byFernando Tomlinson, CISSP, MBA
 
Incorporating PowerShell into your Arsenal with PS>Attack
byjaredhaight
 
From P0W3R to SH3LL
byArthur Paixão
 
PowerShell for Cyber Warriors - Bsides Knoxville 2016
byRussel Van Tuyl
 
Building an Empire with PowerShell
byWill Schroeder
 
Powering up on PowerShell - BSides Charleston - Nov 2018
byFernando Tomlinson, CISSP, MBA
 
PowerShellForDBDevelopers
byBryan Cafferky
 
Ranger BSides-FINAL
byChristopher Duffy, D.Sc.
 
Pwning the Enterprise With PowerShell
byBeau Bullock
 
Pwning with powershell
byjaredhaight
 
Who Should Use Powershell? You Should Use Powershell!
byBen Finke
 
Get-Help: An intro to PowerShell and how to Use it for Evil
byjaredhaight
 
PowerShell - Be A Cool Blue Kid
byMatthew Johnson
 
PSConfEU - Building an Empire with PowerShell
byWill Schroeder
 

2010 za con_jameel_haffejee

  • 1.
    PowerShell – whatevery haXor needs to know Jameel  Haffejee  /  RC1140    
  • 2.
  • 3.
    Why Should youcare ?  Its installed by default on a growing number of MS OS’s   Windows 7   Windows Server 2K8R2  Optional On Windows XP SP 3  Its an alternate scriptable way to access the OS  It’s a unchecked environment at the moment
  • 4.
    Accessing PowerShell •  Canbe accessed via the Start Menu or Run •  Can be called from within batch files •  Accessed via its hostable core in any supported language
  • 5.
    Execution Policies •  Restricted(Default) •  Signed •  Remote Signed •  Unrestricted •  Bypass •  PowerShell Does not require admin privileges to run and most commands work without the need for admin access.
  • 6.
    PowerShell Trinity  Where itall begins and ends, Get-Help , Get-Command ,Get- member
  • 7.
    Hello World •  Variables • String Types •  Loops •  Running a script •  ISE , Yes is comes with a ISE :P
  • 8.
    Poking the Systemwith PowerShell  One Liners – Because everyone has to count their keystrokes till doom  Accessing windows through WMI and COM  Making use of Active Directory to index machines on the network  What can we do with more than one line
  • 9.
    Knock Knock –Is that port open  No direct PowerShell interfaces so we have to resort to .Net  Making socket connections in PowerShell   $tcpclient = new-Object system.Net.Sockets.TcpClient   $tcpclient.Connect('localhost','80')  Creating and using a Port Scanner in PowerShell  Finally setting up a basic bind interface to listen on our port of choice i.e Basic netcat
  • 10.
    Breaking Down thefront door  Brute Forcing RDP/SQL with PowerShell
  • 11.
    Popped The Cork  So now that you have access to a PC/Server what can you do ?   Dumping Hashes   Complete control over IIS from the command line   Setting up a bot with PowerShell   Setting up backdoor access in 60 seconds, Assuming you have physical access (Still possible without physical access as well )
  • 12.
    Questions and ContactInfo Twi3er  :  h3p://twi3er.com/RC1140   Mail            :  jameel@superuser.co.za   IRC          :  #ZaCon  (On  Atrum)                #PowerShell  (On  FreeNode)   Code          :  h3p://github.com/rc1140/zacon