meterpreter_ps_stager

Description

This script is a PowerShell-based wrapper around **msfvenom** that generates Windows Meterpreter payloads in PowerShell reflection format.

Meterpreter Payload Generator (PowerShell)

Overview

This script is a PowerShell-based wrapper around msfvenom that generates Windows Meterpreter payloads in PowerShell reflection format and returns the generated payload directly to the PowerShell pipeline.

Features

  • Supports Windows Meterpreter payload generation via msfvenom
  • Architecture-aware payload selection (x86 or x64)
  • Reverse payload support with configurable callback host and port
  • Uses PowerShell reflection output format (psh-reflection)
  • Executes msfvenom via /bin/sh -c for compatibility in Linux-based environments
  • Validates execution success using exit codes
  • Returns generated payload text directly to the PowerShell pipeline
  • Safe for non-interactive / embedded PowerShell hosts

Prerequisites

  • Linux system with:
    • msfvenom installed and available on PATH
    • /bin/sh available
  • PowerShell Core
  • A functional Run-Command cmdlet capable of:
    • Executing external processes
    • Returning StandardOutput, StandardError, and ExitCode
  • A helper function Get-TempFilename that returns a writable temporary file path

Parameters

-Payload

Optional
Specifies the Meterpreter payload variant to generate.

  • Allowed values:
    • reverse_tcp
    • reverse_http
    • reverse_https
  • Default: reverse_tcp
  • Parameter set: Reverse

Parameters

Name Required Parameter Set Type Default Allowed Values Description
Payload No Reverse string reverse_tcp reverse_tcp, reverse_http, reverse_https Specifies the Meterpreter payload variant to generate. Determines the transport mechanism used for the callback.
Architecture Yes Reverse, Bind string x86, x64 Target architecture of the generated Windows payload. Controls the msfvenom payload path selection.
RHost Yes Reverse string Any valid IP or hostname IP address or hostname that the reverse payload will connect back to.
RPort No Reverse int 4444 Valid TCP port TCP port used by the reverse payload to connect back to the listener.
LPort No Bind int 4444 Valid TCP port TCP port that a bind payload would listen on locally (bind payload support is currently limited).
Scroll to Top