Staged Payload For Invoke-CradleCrafter Project Tutorial

1. Write-Host "THIS CRADLE WORKED!!!" -NoNewLine -ForegroundColor Yellow
2. Write-Host " --" -NoNewLine -ForegroundColor White
3. Write-Host " SUCCESSFULLY EXECUTED POWERSHELL CODE FROM REMOTE LOCATION" -ForegroundColor Green
4.  
5. Function Inv`oke-Mimi`katz
6. {
7. Param(
8. [Parameter(ParameterSetName = "DumpCreds", Position = 0)]
9. [Switch]
10. $DumpCreds
11. )
12.  
13. #Write-Host "You shouldn't run Invoke-Mimikatz without express written consent from client." -ForegroundColor Yellow
14.  
15. $MimikatzCoffeeAscii = "
16. ( (
17. ) )
18. .______.
19. | |]
20. \ /
21. ``----'
22. "
23.  
24. $Results = @()
25. $Results += "You shouldn't run Invoke-Mimikatz without express written consent from client."
26. $Results += $MimikatzCoffeeAscii
27. $Results += "^ Mimikatz coffee ASCII art."
28. $Results += "That Benjamin DELPY (@gentilkiwi) is a funny guy :)"
29. $Results += "Normally creds will be here, but you get the picture."
30.  
31. Return $Results
32. }
33.  
34. Write-Host "`nFunction" -NoNewLine -ForegroundColor White
35. Write-Host " Invoke-Mimikatz" -NoNewLine -ForegroundColor Green
36. Write-Host " (tutorial version strictly for lulz) has now been set." -ForegroundColor White
37. Write-Host "You can test it by running:" -NoNewLine -ForegroundColor White
38. Write-Host " Invoke-Mimikatz -DumpCreds" -NoNewLine -ForegroundColor Green
39. Write-host " (or" -NoNewLine -ForegroundColor White
40. Write-Host " -DumpCr" -NoNewLine -ForegroundColor Green
41. Write-Host " for short).`n" -ForegroundColor White