PowerShell

Machine:

powershell -ep bypass

-ep is the short form of -ExecutionPolicy
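Added example, not part of the original notes: the `-ep bypass` form above is what a defender looks for in process-creation telemetry (Sysmon Event ID 1 / Security 4688 command lines). This Python script normalises the abbreviated switch spellings powershell.exe accepts (-ep, -ex, -exec, -ExecutionPolicy) and flags command lines that request a Bypass or Unrestricted policy; the command lines are constructed samples, not real logs.

```python
import shlex

# Constructed sample process command lines (not real telemetry).
SAMPLE_COMMAND_LINES = [
    r'"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ep bypass',
    r'powershell.exe -NoProfile -ExecutionPolicy Unrestricted -File C:\Scripts\deploy.ps1',
    r'powershell.exe -Exec Bypass -w hidden -File C:\Temp\run.ps1',
    r'powershell.exe -ExecutionPolicy RemoteSigned -File C:\Scripts\backup.ps1',
    r'powershell.exe -Command Get-Date',
    r'C:\Windows\System32\notepad.exe C:\notes\ep.txt',
]

POWERSHELL_IMAGES = {"powershell.exe", "powershell_ise.exe", "pwsh.exe"}
# Execution policy is a safety feature, not a security boundary, so these
# values are a triage signal for unusual PowerShell launches, not proof of abuse.
WEAK_POLICIES = {"bypass", "unrestricted"}


def is_powershell_image(token):
    """True if the first command-line token is a PowerShell host binary."""
    name = token.strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()
    return name in POWERSHELL_IMAGES


def is_execution_policy_switch(token):
    """powershell.exe accepts '-ep' and any prefix of '-ExecutionPolicy'
    of at least two characters ('-ex', '-exec', ...); '/' works like '-'."""
    if len(token) < 3 or token[0] not in ("-", "/"):
        return False
    key = token[1:].lower()
    return key == "ep" or "executionpolicy".startswith(key)


def requested_execution_policy(command_line):
    """Return the policy value requested on a PowerShell command line, else None."""
    tokens = shlex.split(command_line, posix=False)  # keep Windows paths intact
    if not tokens or not is_powershell_image(tokens[0]):
        return None
    for switch, value in zip(tokens, tokens[1:]):
        if is_execution_policy_switch(switch):
            return value.strip('"')
    return None


def flag_weak_execution_policy(command_lines):
    """Return the command lines that request Bypass or Unrestricted."""
    return [cl for cl in command_lines
            if (requested_execution_policy(cl) or "").lower() in WEAK_POLICIES]


if __name__ == "__main__":
    for cl in flag_weak_execution_policy(SAMPLE_COMMAND_LINES):
        print("weak execution policy requested:", cl)
```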

IF IT HANGS:

just doesn’t work

Try it using meterpreter:

load powershell

how do I use it? 😭 I gotchu bro:

https://www.sans.org/blog/offensive-powershell-metasploit-meterpreter/

To run this command through meterpreter after loading powershell:

Get-ADGroupMember -identity Helpdesk

do, at the meterpreter> prompt:

powershell_execute 'Get-ADGroupMember -identity Helpdesk'

Use metasploit’s suggester from meterpreter:

run post/multi/recon/local_exploit_suggester