windows, powershell, powershell-remoting

How to use PowerShell to download and pipe to execution with arguments


I am trying to use PowerShell to download and execute a file with arguments:

. { iwr -useb https://github.com/int0x33/nc.exe/blob/master/nc64.exe?raw=true } | iex; <IP> 9001

I get this error:

Unexpected token '9001' in expression or statement.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : UnexpectedToken

Any help appreciated.


Solution

  • Invoke-Expression (iex) is for interpreting and executing text as PowerShell code[1] - you can't use it to execute a binary download directly (which PowerShell fundamentally doesn't support).

    Instead, use Invoke-WebRequest's (iwr's) -OutFile parameter to download the binary content to a local file and execute the latter:

    iwr -useb https://github.com/int0x33/nc.exe/blob/master/nc64.exe?raw=true -OutFile ./nc64.exe
    
    ./nc64.exe $someIp 9001
    

    [1] The obligatory warning: Invoke-Expression (iex) should generally be avoided and used only as a last resort, due to its inherent security risks. Superior alternatives are usually available. If there truly is no alternative, only ever use it on input you either provided yourself or fully trust - see this answer.
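
The following is an added example, not part of the original answer: it extends the download-to-file approach above with a SHA-256 check before the binary runs, so only a file matching a hash obtained out of band is executed. The function name `Invoke-VerifiedDownload`, the URL and the hash in the sample call are hypothetical placeholders.

```powershell
# Added example: download a binary to disk, verify it against a pinned SHA-256,
# and only then run it with arguments. Names and values are placeholders.
function Invoke-VerifiedDownload {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [uri]    $Uri,
        [Parameter(Mandatory)] [string] $ExpectedSha256,  # obtained out of band from the publisher
        [Parameter(Mandatory)] [string] $OutFile,
        [string[]] $ArgumentList = @()
    )

    if ($Uri.Scheme -ne 'https') { throw "Refusing non-HTTPS download: $Uri" }

    # Binary content goes to a file; Invoke-Expression only interprets text
    # as PowerShell code, so piping the download to iex cannot work.
    Invoke-WebRequest -Uri $Uri -UseBasicParsing -OutFile $OutFile -ErrorAction Stop

    # Compare the file on disk with the pinned hash (-ne ignores case for strings).
    $actual = (Get-FileHash -LiteralPath $OutFile -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256) {
        Remove-Item -LiteralPath $OutFile -Force
        throw "SHA-256 mismatch for $OutFile (got $actual); file removed."
    }

    # The call operator with array splatting passes each element as its own
    # argument, which is what the ';' in the original command prevented.
    $exe = (Resolve-Path -LiteralPath $OutFile).Path
    & $exe @ArgumentList
    if ($LASTEXITCODE -ne 0) { Write-Warning "$exe exited with code $LASTEXITCODE" }
}

# Constructed sample call; the URL and hash are placeholders, not real values.
# Invoke-VerifiedDownload -Uri 'https://example.com/tool.exe' `
#     -ExpectedSha256 '<SHA256-FROM-PUBLISHER>' `
#     -OutFile (Join-Path $env:TEMP 'tool.exe') `
#     -ArgumentList '--version'
```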