PowerShell force HTTP GET in a computer with internet config & phishing the user for a valid proxy credentials.

PowerShell force HTTP GET in a computer with internet config & phishing the user for a valid proxy credentials.

Force HTTP GET in a computer with unknow internet config, trying to download the URL by downloading it directly and if it can’t then using default proxy credentials and .pac proxy list. If none o them works, it will trick the user and request his credentials using the Windows default credential prompt.
Description:
Normally this script should be used in a pentest environment, when you’re running this code in a target computer where you don’t know exactly what is the outbound internet config. Internally, Invoke-ForceWebRequest will use another two functions:
+ Invoke-BasicWebRequest: another function writed by me which allow me to create http webrequest with proxy config. Similar (but very basic) to Invoke-WebRequest native PowerShell function (which is only available on PowerShell v3+).
+ Invoke-LoginPrompt: an improved version of this great function wrote by @enigma0x3invoke-webforce

usage:

Script:

 

Download: forcewebrequest.zip
Source: https://github.com/daniel0x00