Shells-for-restricted-environments
Shells-for-restricted-environments copied to clipboard
InfosecMatter
A repository of compiled and ready-to-use shells for Windows restricted environments.
Shells for restricted environments
https://www.infosecmatter.com/19-ways-to-bypass-software-restrictions-and-spawn-a-shell/
Minips
Minips is a custom minimalist PowerShell interpreter to bypass AppLocker restrictions, GPO or SRP restrictions preventing from running powershell.exe. There are 2 identical versions available:
minips.cs
Compile with csc.exe like this:
# Go to the latest .NET version folder, e.g.:
cd C:\Windows\Microsoft.NET\Framework64\v4.0.30319
# Compile:
csc.exe /unsafe /reference:"C:\path\to\System.Management.Automation.dll" /out:C:\users\public\minips.exe /platform:x64 "C:\path\to\minips.cs"
Then run the produced minips.exe executable to spawn the shell.
minips.xml
Simply start with msbuild.exe like this:
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe c:\path\to\minips.xml
shell-pack.zip
Contains compiled and ready to use shells for bypassing AppLocker, GPO or SRP restrictions preventing from running Command Prompt (cmd.exe) or PowerShell interpreter (powershell.exe).
The pack contains the following shells:
- cmd-dll
- CScriptShell
- Minips
- MSBuildShell
- NoPowerShell
- nps
- p0wnedshell
- PowerLine
- PowerOPS
- PowerShdll
- PSShell
- SharpPick
The archive is password protected in order to evade antivirus detection.
More information including the password can be found here.
Metadata
Owner
InfosecMatter
Metadata
A repository of compiled and ready-to-use shells for Windows restricted environments.