Posted On:September 2013 - Pentest Geek

standard

PowerSploit: The Easiest Shell You’ll Ever Get

2013/09/18 - By 

Sometimes you just want a shell. You don’t want to worry about compiling a binary, testing it against antivirus, figuring out how to upload it to the box and finally execute it. Maybe you are giving a demo of an awesome new Meterpreter post-exploitation module. Maybe you have less than a minute of physical access to a Windows kiosk machine and need a quick win. There are plenty of scenarios that end in a penetration tester gaining GUI access to a target machine through guessed or found RDP, ESX or VNC credentials. In those situations, the easiest way to get a Meterpreter shell without worrying about AV is with PowerSploit.

PowerSploit  is a collection of security-related modules and functions written in PowerShell. PowerSploit is already in both BackTrack and Kali, and its code is utilized by other awesome tools like SET  so you may already be using it!  Many of the scripts in the project are extremely useful in post-exploitation in Windows environments.  The PowerSploit project was started by Matt Graeber who is the author of the function we will use in this tutorial: Invoke-Shellcode.

Read More


Subscribe To Pentest Geek

Follow Pentest Geek

twitterrssyoutubetwitterrssyoutube

Recent Posts

Penetration Testing

Categories

Metasploit

Archives

Web Application Hacking

css.php