This repository has been archived by the owner on Dec 11, 2018. It is now read-only.

UPDATE BOOKMARKS - PROJECT MOVED TO A DEDICATED PROJECT SITE. THIS SITE WILL NOT BE UPDATED ANYMORE, BUT WILL BE KEPT FOR HISTORICAL REASONS.

New site: https://github.com/LOLBAS-Project/LOLBAS

Web portal: https://lolbas-project.github.io/

Powershell.exe

  • Functions: Execute, Read ADS
powershell -ep bypass - < c:\temp:ttt    

Acknowledgements:

  • Moriarty - @Moriarty_Meng

Code sample:

Resources:

Full path:

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Notes: Needs some more examples.... A looooooot can be done with Powershell. It is like the top of the LOLBin chain.... :-)
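
For defenders, a detection sketch for the command listed above, run over logged process command lines. This is an added example, not part of the original project; the names `analyze`, `is_policy_switch` and the sample lines are constructed for illustration. The `<` redirection is handled by the calling shell, so the ADS path appears only in the parent `cmd.exe` command line, while powershell.exe itself logs just the bypass switch and the bare `-`.

```python
import re

# An NTFS alternate data stream path: drive, path, then ":<stream name>".
ADS_PATH = re.compile(r'[A-Za-z]:\\[^\s:"<>|]*:[^\s\\/"<>|]+')
# Input redirection from such a path (visible only in the calling shell's line).
ADS_STDIN = re.compile(r'<\s*"?(' + ADS_PATH.pattern + ')')
POWERSHELL = re.compile(r'(?i)(?:^|[\\\s"])powershell(?:\.exe)?(?=["\s]|$)')


def is_policy_switch(token: str) -> bool:
    """True for -ep and for prefixes of -ExecutionPolicy (-ex, -exec, ...)."""
    if token[:1] not in "-/" or len(token) < 3:
        return False
    name = token[1:].lower()
    return name == "ep" or "executionpolicy".startswith(name)


def analyze(cmdline: str) -> list:
    """Return the findings for one logged command line (empty if none)."""
    m = POWERSHELL.search(cmdline)
    if not m:
        return []
    rest = cmdline[m.end():]
    args = rest.split()
    findings = []
    for i, tok in enumerate(args[:-1]):
        if is_policy_switch(tok) and args[i + 1].strip('"').lower() == "bypass":
            findings.append("policy_bypass")
            break
    # A bare "-" tells powershell.exe to read its commands from standard input.
    if "-" in args:
        findings.append("stdin_script")
    if ADS_STDIN.search(rest):
        findings.append("stdin_from_ads")
    return findings


# Constructed sample command lines (not taken from real logs).
SAMPLES = [
    r'cmd.exe /c powershell -ep bypass - < c:\temp:ttt',
    r'powershell  -ep bypass -',
    r'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File C:\scripts\backup.ps1',
    r'powershell.exe -NoProfile -Command Get-ChildItem C:\temp',
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(analyze(line), line)
```

A line with all three findings matches the entry's pattern exactly; `policy_bypass` together with `stdin_script` is what the powershell.exe process event alone will show and is worth correlating with its parent process.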