BC-SECURITY/Invoke-PrintDemon BC-SECURITY/Invoke-PrintDemon

  • Stars
    star
    198
  • Rank 190,416 (Top 4 %)
  • Language
    PowerShell
  • Created almost 4 years ago
  • Updated over 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
BC-SECURITY/Invoke-PrintDemon
github

BC-SECURITY

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.

PrintDemon

This is an PowerShell Empire launcher PoC using PrintDemon and Faxhell. The module has the Faxhell DLL already embedded which leverages CVE-2020-1048 for privilege escalation. The vulnerability allows an unprivileged user to gain system-level privileges and is based on @ionescu007 PoC.

Invoke-Demon_Demo

Note: This is a proof of concept. We have encountered some issues with printing to C:\Windows\System32\Ualapi.dll on some machines. We have not yet isolated what is causing this. You can drop the dll directly into System32 to test the launcher if you encounter issues.

Code Borrowed from

https://github.com/ionescu007/PrintDemon https://github.com/ionescu007/faxhell https://stackoverflow.com/questions/4442122/send-raw-zpl-to-zebra-printer-via-usb https://stackoverflow.com/questions/29759854/how-to-connect-to-tcp-socket-with-powershell-to-send-and-receive-data

More Repositories

1

Starkiller

Starkiller is a Frontend for PowerShell Empire.
Vue
1,262
star
2

Beginners-Guide-to-Obfuscation

PowerShell
972
star
3

Moriarty

Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.
C#
344
star
4

Malleable-C2-Profiles

Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike & Empire.
281
star
5

Invoke-ZeroLogon

Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf.
PowerShell
210
star
6

DEFCON27

DEFCON 27 slides and workshop materials.
129
star
7

Offensive-VBA-and-XLS-Entanglement

VBA
124
star
8

Long-Live-The-Empire

A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing on the open-source Empire C2 framework.
92
star
9

IronSharpPack

IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then reflective load the C# project.
Python
58
star
10

Empire-Cli

CLI Frontend for PowerShell Empire.
Python
44
star
11

Taming-Offensive-IronPython

This workshop is designed to provide you with a solid understanding of IronPython, its integration with the .NET framework, and how it can be used to interact with other .NET languages.
Python
28
star
12

Red-Team-Village-CTF-2023

Secure Terminal CTF Challenge for DC31 Red Team Village
Python
20
star
13

SocksProxyServer-Plugin

Socks Proxy Server Plugin for Invoke-SocksProxy
17
star
14

DeathStarPlugin

Deathstar is an Empire plugin that automates gaining Domain and/or Enterprise Admin rights in Active Directory environments using common offensive tactics, techniques, and procedures (TTPs).
Python
15
star
15

empire-docs

https://bc-security.gitbook.io/empire-wiki/
10
star
16

DEFCONSafeMode

DEFCON Safe Mode Slides
8
star
17

DEFCON24

DEFCON 24 slides and materials.
5
star
18

ChiselServer-Plugin

4
star
19

Twilio-Plugin

Python
2
star
20

Empire-Launcher

Python
1
star
21

denylist-plugin

1
star
22

Report-Generation-Plugin

Plugin for replacing the original reporting functionality in Empire with customizable PDFs.
Python
1
star
23

AutoRun-Plugin

Plugin to automatically execute an agent tasking on checkin
1
star