module

Powershell Exec, Windows x64 Reverse Named Pipe (SMB) Stager

Disclosed
N/A
Created
2022-05-11

Description

Execute an x64 payload from a command via PowerShell.

Connect back to the attacker via a named pipe pivot

Authors

Spencer McIntyre
skape mmiller@hick.org
sf stephen_fewer@harmonysecurity.com
OJ Reeves

Platform

Windows

Architectures

cmd

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


msf > use payload/cmd/windows/powershell/x64/meterpreter/reverse_named_pipe
msf payload(reverse_named_pipe) > show actions
...actions...
msf payload(reverse_named_pipe) > set ACTION < action-name >
msf payload(reverse_named_pipe) > show options
...show and set options...
msf payload(reverse_named_pipe) > run

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.