All Gitbook

run powershell

Get-ExecutionPolicy -List | Format-Table -AutoSize

Import-Module .\xxx.ps1 / . .\xxx.ps1

cmd -> ps = powershell -ep bypass

LogoEnable JavaScript to use searchwww.google.com

exec policy bypass

direct run in memory from host server

RCE when knowing computer name and as XXX\User (e.g. XXX.domain.local)

PreviousFile transferNextPost-exploit check

Last updated