PowerShell Reverse TCP
PowerShell script for connecting to a remote host.
The remote host will have full control over the client’s PowerShell and all its underlying commands.
Tested with PowerShell v5.1.18362.752 on Windows 10 Enterprise OS (64 bit).
git clone https://github.com/ivan-sincek/powershell-reverse-tcp.git
Change the IP address and port number inside the script.
Open PowerShell in \src\ and run the commands shown below.
Set the execution policy:
Run the script:
Or run the following command from either PowerShell or Command Prompt:
PowerShell -ExecutionPolicy Unrestricted -File .\powershell_reverse_tcp.ps1
Try to bypass antivirus or other security mechanisms by obfuscating your scripts.
You can see such obfuscation in the following example.
Original PowerShell command:
Obfuscated PowerShell command:
Search the Internet for additional methods and obfuscation techniques.
PowerShell Encoded Command
Use this one-liner if you don’t want to leave any artifacts behind.
The encoded script will prompt for input. See the source code in my other project.
To run the PowerShell encoded command, run the following command from either PowerShell or Command Prompt:
To generate a PowerShell encoded command from a PowerShell script, run the following PowerShell command:
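The encoded-command form described above is base64 over the UTF-16LE bytes of the script, which is also what a defender has to undo when such a command line shows up in a process-creation log. The following Python is an added example written from that detection angle; it is not part of this project and its sample command line is constructed. It encodes the way PowerShell expects, decodes what it finds after -EncodedCommand (including the abbreviated -e, -ec and -enc forms that powershell.exe accepts), skips payloads that are not valid base64, and flags a relaxed -ExecutionPolicy such as the Unrestricted setting used in the run command above.

```python
"""Decode and triage PowerShell -EncodedCommand payloads from process command lines.

Added example for defenders; not code from the powershell-reverse-tcp project.
"""
import base64
import binascii

# Short forms powershell.exe accepts for these parameters (assumption: only
# these plus longer unambiguous prefixes are treated as matches).
ENCODED_ALIASES = {"e", "ec", "enc"}
POLICY_ALIASES = {"ep", "ex"}


def encode_command(script: str) -> str:
    """Produce the base64 string that -EncodedCommand expects (UTF-16LE input)."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


def decode_command(b64: str) -> str:
    """Reverse encode_command(); raises binascii.Error on malformed base64."""
    raw = base64.b64decode(b64, validate=True)
    return raw.decode("utf-16-le")


def _matches_param(token: str, name: str, aliases: set) -> bool:
    """True if token is a switch (-x or /x) naming `name`, possibly abbreviated."""
    if not token or token[0] not in "-/":
        return False
    rest = token[1:].lower()
    if rest in aliases:
        return True
    # Longer prefixes are accepted; a bare single letter is ambiguous and is
    # only honoured when listed explicitly in `aliases`.
    return len(rest) >= 2 and name.startswith(rest)


def extract_encoded_commands(cmdline: str) -> list:
    """Return the decoded text of every -EncodedCommand argument in cmdline."""
    tokens = cmdline.split()
    decoded = []
    for i in range(len(tokens) - 1):
        if _matches_param(tokens[i], "encodedcommand", ENCODED_ALIASES):
            try:
                decoded.append(decode_command(tokens[i + 1]))
            except (binascii.Error, UnicodeDecodeError):
                # Not a real payload (or truncated in the log); leave it out.
                continue
    return decoded


def triage(cmdline: str) -> dict:
    """Summarise the indicators a log reviewer cares about for one command line."""
    tokens = cmdline.split()
    relaxed = False
    for i in range(len(tokens) - 1):
        if _matches_param(tokens[i], "executionpolicy", POLICY_ALIASES):
            if tokens[i + 1].lower() in ("unrestricted", "bypass"):
                relaxed = True
    return {
        "encoded_commands": extract_encoded_commands(cmdline),
        "execution_policy_relaxed": relaxed,
    }


if __name__ == "__main__":
    # Constructed sample command line, as it might appear in a process log.
    payload = encode_command('Write-Host "constructed sample"')
    sample = f"powershell.exe -NoProfile -ExecutionPolicy Unrestricted -EncodedCommand {payload}"
    print(triage(sample))
```

The decoder deliberately treats a decode failure as "nothing found" rather than raising, so it can be run over a whole batch of log lines without one corrupted entry stopping the pass; a reviewer who wants the failures surfaced can swap the `continue` for logging.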
Copyright (c) 2019 Ivan Šincek