22 matches found
Powershell Exec, Windows shellcode stage, Windows x86 Reverse Named Pipe (SMB) Stager
Execute an x86 payload from a command via PowerShell. Custom shellcode stage. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/powershell/custom/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set...
Powershell Exec, Windows shellcode stage, Windows x64 Reverse TCP Stager
Execute an x64 payload from a command via PowerShell. Custom shellcode stage. Connect back to the attacker Windows x64 Module Options msf use payload/cmd/windows/powershell/x64/custom/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetc...
Powershell Exec, Windows shellcode stage, Hidden Bind Ipknock TCP Stager
Execute an x86 payload from a command via PowerShell. Custom shellcode stage. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcod...
Powershell Exec, Windows shellcode stage, Windows Reverse HTTP Stager (winhttp)
Execute an x86 payload from a command via PowerShell. Custom shellcode stage. Tunnel communication over HTTP Windows winhttp Module Options msf use payload/cmd/windows/powershell/custom/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf...
Powershell Exec, Windows shellcode stage, Reverse UDP Stager with UUID Support
Execute an x86 payload from a command via PowerShell. Custom shellcode stage. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/powershell/custom/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf...
Powershell Exec, Windows Upload/Execute, Reverse All-Port TCP Stager
Execute an x86 payload from a command via PowerShell. Uploads an executable and runs it staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/powershell/upexec/reversetcpallports msf payloadreversetcpallports show actions...
Powershell Exec, Windows x64 Reverse HTTP Stager (wininet)
Execute an x64 payload from a command via PowerShell. Tunnel communication over HTTP Windows x64 wininet Module Options msf use payload/cmd/windows/powershell/x64/vncinject/reversehttp msf payloadreversehttp show actions ...actions... msf payloadreversehttp set ACTION msf payloadreversehttp show...
Powershell Exec, Reverse TCP Stager with UUID Support
Execute an x86 payload from a command via PowerShell. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/powershell/peinject/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf payloadreversetcpuuid sh...
Powershell Exec, Reverse HTTP Stager Proxy
Execute an x86 payload from a command via PowerShell. Tunnel communication over HTTP Module Options msf use payload/cmd/windows/powershell/vncinject/reversehttpproxypstore msf payloadreversehttpproxypstore show actions ...actions... msf payloadreversehttpproxypstore set ACTION msf...
Powershell Exec, Windows Meterpreter Shell, Reverse TCP Inline x64
Execute an x64 payload from a command via PowerShell. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/powershell/x64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf...
Powershell Exec, Windows x64 Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Execute an x64 payload from a command via PowerShell. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/x64/shell/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION...
Powershell Exec, Windows Meterpreter Shell, Reverse TCP Inline (IPv6)
Execute an x86 payload from a command via PowerShell. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/powershell/meterpreterreverseipv6tcp msf payloadmeterpreterreverseipv6tcp show actions ...actions... msf...
Powershell Exec, Windows Command Shell, Reverse TCP Stager (IPv6)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/powershell/shell/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf...
Powershell Exec, Windows Upload/Execute, Bind TCP Stager (No NX or Win7)
Execute an x86 payload from a command via PowerShell. Uploads an executable and runs it staged. Listen for a connection No NX Module Options msf use payload/cmd/windows/powershell/upexec/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf...
Powershell Exec, Reverse TCP Stager
Execute an x86 payload from a command via PowerShell. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/peinject/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...
Powershell Exec, Bind TCP Stager (Windows x86)
Execute an x86 payload from a command via PowerShell. Listen for a connection Windows x86 Module Options msf use payload/cmd/windows/powershell/peinject/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and set options... m...
Powershell Exec, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/powershell/shell/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...
Powershell Exec, Bind TCP Stager with UUID Support (Windows x64)
Execute an x64 payload from a command via PowerShell. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/powershell/x64/meterpreter/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf payloadbindtcpuuid...
Powershell Exec, Windows Meterpreter Shell, Reverse TCP Inline
Execute an x86 payload from a command via PowerShell. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/powershell/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf...
Powershell Exec, Find Tag Ordinal Stager
Execute an x86 payload from a command via PowerShell. Use an established connection Module Options msf use payload/cmd/windows/powershell/meterpreter/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and set options... msf...