Payload Types

Switch between payload types

Amnesiac offers four distinct payload types, each designed for specific execution environments.

The toggle command allows you to switch between these payload types based on your needs.

  1. cmd(b64): This payload is designed to be executed from the command prompt. It is encoded in base64 to ensure compatibility and avoid issues with quotes and escaping. Use this payload when interacting with the command prompt on the target system.

  2. cmd(raw): Similar to "cmd(b64)," this payload is intended for execution from the command prompt. However, it is not encoded in base64, making it suitable for scenarios where raw command execution is preferred.

  3. pwsh: This payload is meant to be executed from the PowerShell prompt. It is encoded in base64 to avoid issues with quotes and escaping. Choose this payload when interacting with PowerShell on the target system.

  4. pwsh(raw): Like "pwsh," this payload is designed for execution from the PowerShell prompt. However, it is not base64 encoded, making it suitable for cases where raw PowerShell commands are required.

In summary, the cmd(b64) and pwsh payloads are base64 encoded to handle quotes and escaping, while cmd(raw) and pwsh(raw) offer a non-encoded option.
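For defenders reviewing process-creation logs, the following added example (not Amnesiac's code) flags and decodes PowerShell command lines that carry a base64 argument. It assumes the encoded variants reach the host as a standard `-EncodedCommand` argument, which this page does not state; the function name and the sample command lines are constructed for illustration.

```python
import base64
import binascii
import re

# PowerShell accepts any prefix of -EncodedCommand (-e, -en, -enc, ...) and the alias -ec.
_NAMES = {"encodedcommand"[:i] for i in range(1, 15)} | {"ec"}
_HOST = re.compile(r"\b(?:powershell|pwsh)(?:\.exe)?\b", re.IGNORECASE)
# A switch, whitespace, then a run of base64 characters ending at a space, quote or EOL.
_FLAG = re.compile(r"(?:^|\s)[-/]([A-Za-z]+)\s+([A-Za-z0-9+/=]{8,})(?=[\s\"']|$)")
UNDECODABLE = "<undecodable>"


def decode_encoded_command(cmdline):
    """Return the decoded script text, UNDECODABLE, or None if no encoded switch is present."""
    if not _HOST.search(cmdline):
        return None
    for name, blob in _FLAG.findall(cmdline):
        if name.lower() not in _NAMES:
            continue
        try:
            # -EncodedCommand takes base64 over UTF-16LE text.
            return base64.b64decode(blob, validate=True).decode("utf-16-le")
        except (binascii.Error, UnicodeDecodeError):
            return UNDECODABLE  # still worth an analyst's attention
    return None


def _b64(script):
    """Build a constructed sample argument the way PowerShell expects it."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


# Constructed process-creation command lines (not captured from any real host).
SAMPLES = [
    "powershell.exe -NoProfile -enc " + _b64("Get-Date"),
    'cmd.exe /c "pwsh -e ' + _b64("Write-Output test") + '"',
    "powershell.exe -File C:\\scripts\\backup.ps1",
    "powershell.exe -EncodedCommand AAAAAAAAA",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(repr(decode_encoded_command(line)), "<-", line)
```

Raw (non-encoded) command lines are not covered by this check and need content-based rules on the script text itself.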

Users can execute these payloads wherever they gain command execution, and they should obtain a session back in Amnesiac. For examples of payload delivery, please refer to the Payload Delivery section of the documentation.
