https://www.infosecmatter.com/19-ways-to-bypass-software-restrictions-and-spawn-a-shell/
Minips is a custom minimalist PowerShell interpreter to bypass AppLocker restrictions, GPO or SRP restrictions preventing from running powershell.exe. There are 2 identical versions available:
Compile with csc.exe like this:
# Go to the latest .NET version folder, e.g.:
cd C:\Windows\Microsoft.NET\Framework64\v4.0.30319
# Compile:
csc.exe /unsafe /reference:"C:\path\to\System.Management.Automation.dll" /out:C:\users\public\minips.exe /platform:x64 "C:\path\to\minips.cs"
Then run the produced minips.exe executable to spawn the shell.
Simply start with msbuild.exe like this:
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe c:\path\to\minips.xml
Contains compiled and ready to use shells for bypassing AppLocker, GPO or SRP restrictions preventing from running Command Prompt (cmd.exe) or PowerShell interpreter (powershell.exe).
The pack contains the following shells:
- cmd-dll
- CScriptShell
- Minips
- MSBuildShell
- NoPowerShell
- nps
- p0wnedshell
- PowerLine
- PowerOPS
- PowerShdll
- PSShell
- SharpPick
The archive is password protected in order to evade antivirus detection.
More information including the password can be found here.