Fun with One Line of Powershell presented at BsidesCleveland 2016

by Matthew Turner,

Summary : This talk shows how to use one line of PowerShell in different ways to get meterpreter on a system. Beginning with the creation of a malicious ps1 file using msfvenom, starting a handler, and hosting the malicious ps1 for targets to download. Once the target runs the one liner, it'll download and execute the malicious ps1 file giving you a meterpreter session. I then go over different ways to get targets to run the one liner using a Teensy, a shortcut on a network share, a macro enabled spreadsheet, a misconfigured mssql server (blank SA), and using ysoserial to exploit vulnerable java deserialization functionality.