Amnesiac

Payload Types

Switch between payload types

Last updated 1 year ago

Amnesiac offers four distinct payload types, each designed for specific execution environments.

The toggle command allows you to switch between these payload types based on your needs.

  1. cmd(b64): This payload is designed to be executed from the command prompt. It is encoded in base64 to ensure compatibility and avoid issues with quotes and escaping. Use this payload when interacting with the command prompt on the target system.

  2. cmd(raw): Similar to "cmd(b64)," this payload is intended for execution from the command prompt. However, it is not encoded in base64, making it suitable for scenarios where raw command execution is preferred.

  3. pwsh: This payload is meant to be executed from the PowerShell prompt. It is encoded in base64 to ensure smooth execution. Choose this payload when interacting with PowerShell on the target system.

  4. pwsh(raw): Like "pwsh," this payload is designed for execution from the PowerShell prompt. However, it is not base64 encoded, making it suitable for cases where raw PowerShell commands are required.

In summary, the cmd(b64) and pwsh payloads are base64 encoded to handle quotes and escaping, while cmd(raw) and pwsh(raw) are the non-encoded options.
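For defenders, the b64/raw split means the same script text appears in process-creation logs either in the clear or as a base64 blob. The following is an added example, not part of the Amnesiac documentation or code: it normalizes both forms before string matching, assuming the encoded forms reach PowerShell through its `-EncodedCommand` parameter (UTF-16LE base64), which the page does not state. The event fields, watch string and sample command lines are constructed.

```python
import base64
import binascii
import re

# powershell.exe accepts any prefix of -EncodedCommand (-e, -enc, ...) plus the -ec alias.
_NAMES = {"encodedcommand"[:i] for i in range(1, 15)} | {"ec"}
ENC_FLAG = re.compile(
    r"(?i)(?:^|\s)-(?:%s)\s+[\"']?([A-Za-z0-9+/]{16,}={0,2})"
    % "|".join(sorted(_NAMES, key=len, reverse=True))
)

def decode_encoded_command(cmdline):
    """Return the decoded script text if cmdline carries a base64 command, else None."""
    m = ENC_FLAG.search(cmdline)
    if not m:
        return None
    blob = m.group(1)
    try:
        raw = base64.b64decode(blob + "=" * (-len(blob) % 4), validate=True)
        return raw.decode("utf-16-le")  # assumption: -EncodedCommand style encoding
    except (binascii.Error, UnicodeDecodeError):
        return None

def triage(events, watch):
    """Match analyst-supplied strings against the normalized text of each event."""
    findings = []
    for ev in events:
        decoded = decode_encoded_command(ev["cmdline"])
        text = decoded if decoded is not None else ev["cmdline"]
        hit = any(w.lower() in text.lower() for w in watch)
        findings.append({"host": ev["host"], "encoded": decoded is not None,
                         "hit": hit, "text": text})
    return findings

def _enc(script):
    # Helper used only to build the constructed sample below.
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

# Constructed process-creation events (hypothetical hosts and a benign marker string).
SAMPLE_EVENTS = [
    {"host": "ws01", "cmdline": 'powershell.exe -NoProfile -Command "Invoke-ConstructedSample -Id 1"'},
    {"host": "ws02", "cmdline": "powershell.exe -NoProfile -enc " + _enc("Invoke-ConstructedSample -Id 2")},
    {"host": "ws03", "cmdline": r"powershell.exe -ExecutionPolicy Bypass -File C:\scripts\backup.ps1"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS, ["Invoke-ConstructedSample"]):
        print(finding)
```

A rule that matches only on the raw command line would miss the `ws02` event; matching on the normalized text treats the encoded and raw forms the same.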

Users can execute these payloads wherever they gain command execution, and they should obtain a session back in Amnesiac. For examples of payload delivery, please refer to the Payload Delivery section of the documentation.