Okay, so you’ve landed in a Constrained Language mode PowerShell session on a remote box, and the local application security policy is stopping you from using all the regular stuff (e.g. netcat, opening network connections, etc.)… but you need to exfil a medium amount of binary data. How would you do that?
The following isn’t perfect, but it’s the solution I used recently… feel free to share better solutions! 🙂