Powershell Base64 Command Encoder - Metasploit
This page contains detailed information about how to use the encoder/cmd/powershell_base64 metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.
Module Overview
Name: Powershell Base64 Command Encoder
Module: encoder/cmd/powershell_base64
Source code: modules/encoders/cmd/powershell_base64.rb
Disclosure date: -
Last modification time: 2017-07-24 06:26:21 +0000
Supported architecture(s): cmd
Supported platform(s): Windows
Target service / protocol: -
Target network port(s): -
List of CVEs: -
This encodes the command as a base64 encoded command for powershell.
Module Ranking and Traits
Module Ranking:
- excellent: The exploit will never crash the service. This is the case for SQL Injection, CMD execution, RFI, LFI, etc. No typical memory corruption exploits should be given this ranking unless there are extraordinary circumstances. More information about ranking can be found here.
Basic Usage
msf > use encoder/cmd/powershell_base64
msf encoder(powershell_base64) > show targets
... a list of targets ...
msf encoder(powershell_base64) > set TARGET target-id
msf encoder(powershell_base64) > show options
... show and set options ...
msf encoder(powershell_base64) > exploit
Go back to menu.
Msfconsole Usage
Here is how the encoder/cmd/powershell_base64 module looks in the msfconsole:
msf6 > use encoder/cmd/powershell_base64
msf6 encoder(cmd/powershell_base64) > show info
Name: Powershell Base64 Command Encoder
Module: encoder/cmd/powershell_base64
Platform: Windows
Arch: cmd
Rank: Excellent
Provided by:
Ben Campbell <[email protected]>
Description:
This encodes the command as a base64 encoded command for powershell.
Module Options
This is a complete list of options available in the encoder/cmd/powershell_base64 module:
msf6 encoder(cmd/powershell_base64) > show options
Module options (encoder/cmd/powershell_base64):
Name Current Setting Required Description
---- --------------- -------- -----------
Advanced Options
Here is a complete list of advanced options supported by the encoder/cmd/powershell_base64 module:
msf6 encoder(cmd/powershell_base64) > show advanced
Module advanced options (encoder/cmd/powershell_base64):
Name Current Setting Required Description
---- --------------- -------- -----------
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
Go back to menu.
Related Pull Requests
- #8716 Merged Pull Request: Print_Status -> Print_Good (And OCD bits 'n bobs)
- #8338 Merged Pull Request: Fix msf/core and self.class msftidy warnings
- #6655 Merged Pull Request: use MetasploitModule as a class name
- #6648 Merged Pull Request: Change metasploit class names
- #2964 Merged Pull Request: Powershell CMD Encoder
Go back to menu.
See Also
Check also the following modules related to this module:
- encoder/cmd/brace
- encoder/cmd/echo
- encoder/cmd/generic_sh
- encoder/cmd/ifs
- encoder/cmd/perl
- encoder/cmd/printf_php_mq
- encoder/php/base64
- encoder/ruby/base64
Authors
Ben Campbell
Version
This page has been produced using Metasploit Framework version 6.1.24-dev. For more modules, visit the Metasploit Module Library.
Go back to menu.