Powershell Exec, Windows Executable Download (http,https,ftp) and Execute - Metasploit
This page contains detailed information about how to use the payload/cmd/windows/powershell/download_exec metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.
Module Overview
Name: Powershell Exec, Windows Executable Download (http,https,ftp) and Execute
Module: payload/cmd/windows/powershell/download_exec
Source code: modules/payloads/adapters/cmd/windows/powershell.rb
Disclosure date: -
Last modification time: 2022-05-27 16:41:25 +0000
Supported architecture(s): cmd
Supported platform(s): Windows
Target service / protocol: -
Target network port(s): -
List of CVEs: -
Execute an x86 payload from a command via PowerShell. Download an EXE from an HTTP(S)/FTP URL and execute it
Module Ranking and Traits
Module Ranking:
- normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.
Basic Usage
msf > use payload/cmd/windows/powershell/download_exec
msf payload(download_exec) > show options
... show and set options ...
msf payload(download_exec) > generate
To learn how to generate payload/cmd/windows/powershell/download_exec with msfvenom, please read this.
Go back to menu.
Msfconsole Usage
Here is how the cmd/windows/powershell/download_exec payload module looks in the msfconsole:
msf6 > use payload/cmd/windows/powershell/download_exec
msf6 payload(cmd/windows/powershell/download_exec) > show info
Name: Powershell Exec, Windows Executable Download (http,https,ftp) and Execute
Module: payload/cmd/windows/powershell/download_exec
Platform: Windows
Arch: cmd
Needs Admin: No
Total size: 3720
Rank: Normal
Provided by:
Spencer McIntyre
corelanc0d3r <[email protected]>
Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
EXE rund11.exe yes Filename to save & run executable on target system
EXITFUNC process yes Exit technique (Accepted: '', seh, thread, process, none)
URL https://localhost:443/evil.exe yes The pre-encoded URL to the executable
Description:
Execute an x86 payload from a command via PowerShell. Download an
EXE from an HTTP(S)/FTP URL and execute it
Module Options
This is a complete list of options available in the cmd/windows/powershell/download_exec payload:
msf6 payload(cmd/windows/powershell/download_exec) > show options
Module options (payload/cmd/windows/powershell/download_exec):
Name Current Setting Required Description
---- --------------- -------- -----------
EXE rund11.exe yes Filename to save & run executable on target system
EXITFUNC process yes Exit technique (Accepted: '', seh, thread, process, none)
URL https://localhost:443/evil.exe yes The pre-encoded URL to the executable
Advanced Options
Here is a complete list of advanced options supported by the cmd/windows/powershell/download_exec payload:
msf6 payload(cmd/windows/powershell/download_exec) > show advanced
Module advanced options (payload/cmd/windows/powershell/download_exec):
Name Current Setting Required Description
---- --------------- -------- -----------
Powershell::encode_final_payload false yes Encode final payload for -EncodedCommand
Powershell::encode_inner_payload false yes Encode inner payload for -EncodedCommand
Powershell::exec_in_place false yes Produce PSH without executable wrapper
Powershell::exec_rc4 false yes Encrypt PSH with RC4
Powershell::method reflection yes Payload delivery method (Accepted: net, reflection, old, msil)
Powershell::no_equals false yes Pad base64 until no "=" remains
Powershell::noninteractive true yes Execute powershell without interaction
Powershell::persist false yes Run the payload in a loop
Powershell::prepend_protections_bypass auto yes Prepend AMSI/SBL bypass (Accepted: auto, true, false)
Powershell::prepend_sleep no Prepend seconds of sleep
Powershell::remove_comspec false yes Produce script calling powershell directly
Powershell::strip_comments true yes Strip comments
Powershell::strip_whitespace false yes Strip whitespace
Powershell::sub_funcs false yes Substitute function names
Powershell::sub_vars true yes Substitute variable names
Powershell::wrap_double_quotes true yes Wraps the -Command argument in single quotes
PrependMigrate false yes Spawns and runs shellcode in new process
PrependMigrateProc no Process to spawn and run shellcode in
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
Go back to menu.
Related Pull Requests
- #16588 Merged Pull Request: Check size for compatibility with powershell
- #16548 Merged Pull Request: Add Powershell Command Adapter
Go back to menu.
See Also
Check also the following modules related to this module:
- payload/cmd/windows/adduser
- payload/cmd/windows/bind_lua
- payload/cmd/windows/bind_perl
- payload/cmd/windows/bind_perl_ipv6
- payload/cmd/windows/bind_ruby
- payload/cmd/windows/download_eval_vbs
- payload/cmd/windows/download_exec_vbs
- payload/cmd/windows/generic
- payload/cmd/windows/jjs_reverse_tcp
- payload/cmd/windows/powershell/adduser
- payload/cmd/windows/powershell_bind_tcp
- payload/cmd/windows/powershell/custom/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/custom/bind_hidden_tcp
- payload/cmd/windows/powershell/custom/bind_ipv6_tcp
- payload/cmd/windows/powershell/custom/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/custom/bind_named_pipe
- payload/cmd/windows/powershell/custom/bind_nonx_tcp
- payload/cmd/windows/powershell/custom/bind_tcp
- payload/cmd/windows/powershell/custom/bind_tcp_rc4
- payload/cmd/windows/powershell/custom/bind_tcp_uuid
- payload/cmd/windows/powershell/custom/find_tag
- payload/cmd/windows/powershell/custom/reverse_hop_http
- payload/cmd/windows/powershell/custom/reverse_http
- payload/cmd/windows/powershell/custom/reverse_http_proxy_pstore
- payload/cmd/windows/powershell/custom/reverse_https
- payload/cmd/windows/powershell/custom/reverse_https_proxy
- payload/cmd/windows/powershell/custom/reverse_ipv6_tcp
- payload/cmd/windows/powershell/custom/reverse_named_pipe
- payload/cmd/windows/powershell/custom/reverse_nonx_tcp
- payload/cmd/windows/powershell/custom/reverse_ord_tcp
- payload/cmd/windows/powershell/custom/reverse_tcp
- payload/cmd/windows/powershell/custom/reverse_tcp_allports
- payload/cmd/windows/powershell/custom/reverse_tcp_dns
- payload/cmd/windows/powershell/custom/reverse_tcp_rc4
- payload/cmd/windows/powershell/custom/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/custom/reverse_tcp_uuid
- payload/cmd/windows/powershell/custom/reverse_udp
- payload/cmd/windows/powershell/custom/reverse_winhttp
- payload/cmd/windows/powershell/custom/reverse_winhttps
- payload/cmd/windows/powershell/dllinject/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/dllinject/bind_hidden_tcp
- payload/cmd/windows/powershell/dllinject/bind_ipv6_tcp
- payload/cmd/windows/powershell/dllinject/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/dllinject/bind_named_pipe
- payload/cmd/windows/powershell/dllinject/bind_nonx_tcp
- payload/cmd/windows/powershell/dllinject/bind_tcp
- payload/cmd/windows/powershell/dllinject/bind_tcp_rc4
- payload/cmd/windows/powershell/dllinject/bind_tcp_uuid
- payload/cmd/windows/powershell/dllinject/find_tag
- payload/cmd/windows/powershell/dllinject/reverse_hop_http
- payload/cmd/windows/powershell/dllinject/reverse_http
- payload/cmd/windows/powershell/dllinject/reverse_http_proxy_pstore
- payload/cmd/windows/powershell/dllinject/reverse_ipv6_tcp
- payload/cmd/windows/powershell/dllinject/reverse_nonx_tcp
- payload/cmd/windows/powershell/dllinject/reverse_ord_tcp
- payload/cmd/windows/powershell/dllinject/reverse_tcp
- payload/cmd/windows/powershell/dllinject/reverse_tcp_allports
- payload/cmd/windows/powershell/dllinject/reverse_tcp_dns
- payload/cmd/windows/powershell/dllinject/reverse_tcp_rc4
- payload/cmd/windows/powershell/dllinject/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/dllinject/reverse_tcp_uuid
- payload/cmd/windows/powershell/dllinject/reverse_winhttp
- payload/cmd/windows/powershell/dns_txt_query_exec
- payload/cmd/windows/powershell/exec
- payload/cmd/windows/powershell/format_all_drives
- payload/cmd/windows/powershell/generic/debug_trap
- payload/cmd/windows/powershell/generic/tight_loop
- payload/cmd/windows/powershell/loadlibrary
- payload/cmd/windows/powershell/messagebox
- payload/cmd/windows/powershell/meterpreter/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/meterpreter/bind_hidden_tcp
- payload/cmd/windows/powershell/meterpreter/bind_ipv6_tcp
- payload/cmd/windows/powershell/meterpreter/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/meterpreter/bind_named_pipe
- payload/cmd/windows/powershell/meterpreter/bind_nonx_tcp
- payload/cmd/windows/powershell/meterpreter/bind_tcp
- payload/cmd/windows/powershell/meterpreter/bind_tcp_rc4
- payload/cmd/windows/powershell/meterpreter/bind_tcp_uuid
- payload/cmd/windows/powershell/meterpreter/find_tag
- payload/cmd/windows/powershell/meterpreter/reverse_hop_http
- payload/cmd/windows/powershell/meterpreter/reverse_http
- payload/cmd/windows/powershell/meterpreter/reverse_http_proxy_pstore
- payload/cmd/windows/powershell/meterpreter/reverse_https
- payload/cmd/windows/powershell/meterpreter/reverse_https_proxy
- payload/cmd/windows/powershell/meterpreter/reverse_ipv6_tcp
- payload/cmd/windows/powershell/meterpreter/reverse_named_pipe
- payload/cmd/windows/powershell/meterpreter/reverse_nonx_tcp
- payload/cmd/windows/powershell/meterpreter/reverse_ord_tcp
- payload/cmd/windows/powershell/meterpreter/reverse_tcp
- payload/cmd/windows/powershell/meterpreter/reverse_tcp_allports
- payload/cmd/windows/powershell/meterpreter/reverse_tcp_dns
- payload/cmd/windows/powershell/meterpreter/reverse_tcp_rc4
- payload/cmd/windows/powershell/meterpreter/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/meterpreter/reverse_tcp_uuid
- payload/cmd/windows/powershell/meterpreter/reverse_winhttp
- payload/cmd/windows/powershell/meterpreter/reverse_winhttps
- payload/cmd/windows/powershell/metsvc_bind_tcp
- payload/cmd/windows/powershell/metsvc_reverse_tcp
- payload/cmd/windows/powershell/patchupdllinject/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/patchupdllinject/bind_hidden_tcp
- payload/cmd/windows/powershell/patchupdllinject/bind_ipv6_tcp
- payload/cmd/windows/powershell/patchupdllinject/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/patchupdllinject/bind_named_pipe
- payload/cmd/windows/powershell/patchupdllinject/bind_nonx_tcp
- payload/cmd/windows/powershell/patchupdllinject/bind_tcp
- payload/cmd/windows/powershell/patchupdllinject/bind_tcp_rc4
- payload/cmd/windows/powershell/patchupdllinject/bind_tcp_uuid
- payload/cmd/windows/powershell/patchupdllinject/find_tag
- payload/cmd/windows/powershell/patchupdllinject/reverse_ipv6_tcp
- payload/cmd/windows/powershell/patchupdllinject/reverse_nonx_tcp
- payload/cmd/windows/powershell/patchupdllinject/reverse_ord_tcp
- payload/cmd/windows/powershell/patchupdllinject/reverse_tcp
- payload/cmd/windows/powershell/patchupdllinject/reverse_tcp_allports
- payload/cmd/windows/powershell/patchupdllinject/reverse_tcp_dns
- payload/cmd/windows/powershell/patchupdllinject/reverse_tcp_rc4
- payload/cmd/windows/powershell/patchupdllinject/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/patchupdllinject/reverse_tcp_uuid
- payload/cmd/windows/powershell/patchupmeterpreter/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/bind_hidden_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/bind_ipv6_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/patchupmeterpreter/bind_named_pipe
- payload/cmd/windows/powershell/patchupmeterpreter/bind_nonx_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/bind_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/bind_tcp_rc4
- payload/cmd/windows/powershell/patchupmeterpreter/bind_tcp_uuid
- payload/cmd/windows/powershell/patchupmeterpreter/find_tag
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_ipv6_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_nonx_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_ord_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_tcp
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_tcp_allports
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_tcp_dns
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_tcp_rc4
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/patchupmeterpreter/reverse_tcp_uuid
- payload/cmd/windows/powershell/peinject/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/peinject/bind_hidden_tcp
- payload/cmd/windows/powershell/peinject/bind_ipv6_tcp
- payload/cmd/windows/powershell/peinject/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/peinject/bind_named_pipe
- payload/cmd/windows/powershell/peinject/bind_nonx_tcp
- payload/cmd/windows/powershell/peinject/bind_tcp
- payload/cmd/windows/powershell/peinject/bind_tcp_rc4
- payload/cmd/windows/powershell/peinject/bind_tcp_uuid
- payload/cmd/windows/powershell/peinject/find_tag
- payload/cmd/windows/powershell/peinject/reverse_ipv6_tcp
- payload/cmd/windows/powershell/peinject/reverse_named_pipe
- payload/cmd/windows/powershell/peinject/reverse_nonx_tcp
- payload/cmd/windows/powershell/peinject/reverse_ord_tcp
- payload/cmd/windows/powershell/peinject/reverse_tcp
- payload/cmd/windows/powershell/peinject/reverse_tcp_allports
- payload/cmd/windows/powershell/peinject/reverse_tcp_dns
- payload/cmd/windows/powershell/peinject/reverse_tcp_rc4
- payload/cmd/windows/powershell/peinject/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/peinject/reverse_tcp_uuid
- payload/cmd/windows/powershell/pingback_bind_tcp
- payload/cmd/windows/powershell/pingback_reverse_tcp
- payload/cmd/windows/powershell/powershell_bind_tcp
- payload/cmd/windows/powershell/powershell_reverse_tcp
- payload/cmd/windows/powershell/powershell_reverse_tcp_ssl
- payload/cmd/windows/powershell_reverse_tcp
- payload/cmd/windows/powershell_reverse_tcp_ssl
- payload/cmd/windows/powershell/shell/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/shell/bind_hidden_tcp
- payload/cmd/windows/powershell/shell/bind_ipv6_tcp
- payload/cmd/windows/powershell/shell/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/shell/bind_named_pipe
- payload/cmd/windows/powershell/shell/bind_nonx_tcp
- payload/cmd/windows/powershell/shell/bind_tcp
- payload/cmd/windows/powershell/shell_bind_tcp
- payload/cmd/windows/powershell/shell/bind_tcp_rc4
- payload/cmd/windows/powershell/shell/bind_tcp_uuid
- payload/cmd/windows/powershell/shell_bind_tcp_xpfw
- payload/cmd/windows/powershell/shell/find_tag
- payload/cmd/windows/powershell/shell_hidden_bind_tcp
- payload/cmd/windows/powershell/shell/reverse_ipv6_tcp
- payload/cmd/windows/powershell/shell/reverse_nonx_tcp
- payload/cmd/windows/powershell/shell/reverse_ord_tcp
- payload/cmd/windows/powershell/shell/reverse_tcp
- payload/cmd/windows/powershell/shell_reverse_tcp
- payload/cmd/windows/powershell/shell/reverse_tcp_allports
- payload/cmd/windows/powershell/shell/reverse_tcp_dns
- payload/cmd/windows/powershell/shell/reverse_tcp_rc4
- payload/cmd/windows/powershell/shell/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/shell/reverse_tcp_uuid
- payload/cmd/windows/powershell/shell/reverse_udp
- payload/cmd/windows/powershell/speak_pwned
- payload/cmd/windows/powershell/upexec/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/upexec/bind_hidden_tcp
- payload/cmd/windows/powershell/upexec/bind_ipv6_tcp
- payload/cmd/windows/powershell/upexec/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/upexec/bind_named_pipe
- payload/cmd/windows/powershell/upexec/bind_nonx_tcp
- payload/cmd/windows/powershell/upexec/bind_tcp
- payload/cmd/windows/powershell/upexec/bind_tcp_rc4
- payload/cmd/windows/powershell/upexec/bind_tcp_uuid
- payload/cmd/windows/powershell/upexec/find_tag
- payload/cmd/windows/powershell/upexec/reverse_ipv6_tcp
- payload/cmd/windows/powershell/upexec/reverse_nonx_tcp
- payload/cmd/windows/powershell/upexec/reverse_ord_tcp
- payload/cmd/windows/powershell/upexec/reverse_tcp
- payload/cmd/windows/powershell/upexec/reverse_tcp_allports
- payload/cmd/windows/powershell/upexec/reverse_tcp_dns
- payload/cmd/windows/powershell/upexec/reverse_tcp_rc4
- payload/cmd/windows/powershell/upexec/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/upexec/reverse_tcp_uuid
- payload/cmd/windows/powershell/upexec/reverse_udp
- payload/cmd/windows/powershell/vncinject/bind_hidden_ipknock_tcp
- payload/cmd/windows/powershell/vncinject/bind_hidden_tcp
- payload/cmd/windows/powershell/vncinject/bind_ipv6_tcp
- payload/cmd/windows/powershell/vncinject/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/vncinject/bind_named_pipe
- payload/cmd/windows/powershell/vncinject/bind_nonx_tcp
- payload/cmd/windows/powershell/vncinject/bind_tcp
- payload/cmd/windows/powershell/vncinject/bind_tcp_rc4
- payload/cmd/windows/powershell/vncinject/bind_tcp_uuid
- payload/cmd/windows/powershell/vncinject/find_tag
- payload/cmd/windows/powershell/vncinject/reverse_hop_http
- payload/cmd/windows/powershell/vncinject/reverse_http
- payload/cmd/windows/powershell/vncinject/reverse_http_proxy_pstore
- payload/cmd/windows/powershell/vncinject/reverse_ipv6_tcp
- payload/cmd/windows/powershell/vncinject/reverse_nonx_tcp
- payload/cmd/windows/powershell/vncinject/reverse_ord_tcp
- payload/cmd/windows/powershell/vncinject/reverse_tcp
- payload/cmd/windows/powershell/vncinject/reverse_tcp_allports
- payload/cmd/windows/powershell/vncinject/reverse_tcp_dns
- payload/cmd/windows/powershell/vncinject/reverse_tcp_rc4
- payload/cmd/windows/powershell/vncinject/reverse_tcp_rc4_dns
- payload/cmd/windows/powershell/vncinject/reverse_tcp_uuid
- payload/cmd/windows/powershell/vncinject/reverse_winhttp
- payload/cmd/windows/powershell/x64/custom/bind_ipv6_tcp
- payload/cmd/windows/powershell/x64/custom/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/x64/custom/bind_named_pipe
- payload/cmd/windows/powershell/x64/custom/bind_tcp
- payload/cmd/windows/powershell/x64/custom/bind_tcp_rc4
- payload/cmd/windows/powershell/x64/custom/bind_tcp_uuid
- payload/cmd/windows/powershell/x64/custom/reverse_http
- payload/cmd/windows/powershell/x64/custom/reverse_https
- payload/cmd/windows/powershell/x64/custom/reverse_named_pipe
- payload/cmd/windows/powershell/x64/custom/reverse_tcp
- payload/cmd/windows/powershell/x64/custom/reverse_tcp_rc4
- payload/cmd/windows/powershell/x64/custom/reverse_tcp_uuid
- payload/cmd/windows/powershell/x64/custom/reverse_winhttp
- payload/cmd/windows/powershell/x64/custom/reverse_winhttps
- payload/cmd/windows/powershell/x64/exec
- payload/cmd/windows/powershell/x64/loadlibrary
- payload/cmd/windows/powershell/x64/messagebox
- payload/cmd/windows/powershell/x64/meterpreter/bind_ipv6_tcp
- payload/cmd/windows/powershell/x64/meterpreter/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/x64/meterpreter/bind_named_pipe
- payload/cmd/windows/powershell/x64/meterpreter/bind_tcp
- payload/cmd/windows/powershell/x64/meterpreter/bind_tcp_rc4
- payload/cmd/windows/powershell/x64/meterpreter/bind_tcp_uuid
- payload/cmd/windows/powershell/x64/meterpreter/reverse_http
- payload/cmd/windows/powershell/x64/meterpreter/reverse_https
- payload/cmd/windows/powershell/x64/meterpreter/reverse_named_pipe
- payload/cmd/windows/powershell/x64/meterpreter/reverse_tcp
- payload/cmd/windows/powershell/x64/meterpreter/reverse_tcp_rc4
- payload/cmd/windows/powershell/x64/meterpreter/reverse_tcp_uuid
- payload/cmd/windows/powershell/x64/meterpreter/reverse_winhttp
- payload/cmd/windows/powershell/x64/meterpreter/reverse_winhttps
- payload/cmd/windows/powershell/x64/peinject/bind_ipv6_tcp
- payload/cmd/windows/powershell/x64/peinject/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/x64/peinject/bind_named_pipe
- payload/cmd/windows/powershell/x64/peinject/bind_tcp
- payload/cmd/windows/powershell/x64/peinject/bind_tcp_rc4
- payload/cmd/windows/powershell/x64/peinject/bind_tcp_uuid
- payload/cmd/windows/powershell/x64/peinject/reverse_named_pipe
- payload/cmd/windows/powershell/x64/peinject/reverse_tcp
- payload/cmd/windows/powershell/x64/peinject/reverse_tcp_rc4
- payload/cmd/windows/powershell/x64/peinject/reverse_tcp_uuid
- payload/cmd/windows/powershell/x64/pingback_reverse_tcp
- payload/cmd/windows/powershell/x64/powershell_bind_tcp
- payload/cmd/windows/powershell/x64/powershell_reverse_tcp
- payload/cmd/windows/powershell/x64/powershell_reverse_tcp_ssl
- payload/cmd/windows/powershell/x64/shell/bind_ipv6_tcp
- payload/cmd/windows/powershell/x64/shell/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/x64/shell/bind_named_pipe
- payload/cmd/windows/powershell/x64/shell/bind_tcp
- payload/cmd/windows/powershell/x64/shell_bind_tcp
- payload/cmd/windows/powershell/x64/shell/bind_tcp_rc4
- payload/cmd/windows/powershell/x64/shell/bind_tcp_uuid
- payload/cmd/windows/powershell/x64/shell/reverse_tcp
- payload/cmd/windows/powershell/x64/shell_reverse_tcp
- payload/cmd/windows/powershell/x64/shell/reverse_tcp_rc4
- payload/cmd/windows/powershell/x64/shell/reverse_tcp_uuid
- payload/cmd/windows/powershell/x64/vncinject/bind_ipv6_tcp
- payload/cmd/windows/powershell/x64/vncinject/bind_ipv6_tcp_uuid
- payload/cmd/windows/powershell/x64/vncinject/bind_named_pipe
- payload/cmd/windows/powershell/x64/vncinject/bind_tcp
- payload/cmd/windows/powershell/x64/vncinject/bind_tcp_rc4
- payload/cmd/windows/powershell/x64/vncinject/bind_tcp_uuid
- payload/cmd/windows/powershell/x64/vncinject/reverse_http
- payload/cmd/windows/powershell/x64/vncinject/reverse_https
- payload/cmd/windows/powershell/x64/vncinject/reverse_tcp
- payload/cmd/windows/powershell/x64/vncinject/reverse_tcp_rc4
- payload/cmd/windows/powershell/x64/vncinject/reverse_tcp_uuid
- payload/cmd/windows/powershell/x64/vncinject/reverse_winhttp
- payload/cmd/windows/powershell/x64/vncinject/reverse_winhttps
- payload/cmd/windows/reverse_lua
- payload/cmd/windows/reverse_perl
- payload/cmd/windows/reverse_powershell
- payload/cmd/windows/reverse_ruby
Authors
- Spencer McIntyre
- corelanc0d3r <peter.ve[at]corelan.be>
Version
This page has been produced using Metasploit Framework version 6.2.29-dev. For more modules, visit the Metasploit Module Library.
Go back to menu.