Hack Windows7 PC using Powershell Attack Vector in Social Engineering Toolkit (Bypassing Antivirus)

Note That These Commands used in Backtrack Linux Distro can also be used in any linux Distro just Edit the commands based upon how your Distro is setup apart from that Everything should work

The Powershell Attack Vector module allows you to create PowerShell specific attacks. These attacks will allow you to use PowerShell which is available by default in all operating systems Windows Vista and above. PowerShell provides a fruitful landscape for deploying payloads and performing functions that do not get triggered by

Preventative Technologies.

  • Powershell Alphanumeric Shellcode Injector
  • Powershell Reverse Shell
  • Powershell Bind Shell
  • Powershell Dump SAM Database

Open your backtrack terminal & Type cd /pentest/exploits/set

Now Open Social Engineering Toolkit (SET). /set

Now choose 1, “Social-Engineering Attacks

Now choose 10, “Powershell Attack Vector

Now choose 1, “Powershell Alphanumeric Shellcode Injector” and type IP address of Your PC for Reverse Connection.

Now create the exploit code for 32 and 64 bit Windows:

Now is retrieve the Powershell code that SET created. The code is saved in /pentest/exploits/set/reports/powershell/x64_powershell_injection.txt

Now send your x64_powershell_injection.txt files to victim via chat or email or any social engineering technique and convene the victim to open x64_powershell_injection.txt and Paste it into a Windows 7 command prompt

Now you have access to the victims PC. Use “Sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s