Closed StayPirate closed 5 years ago
2.5
Debian 9 (stretch)
The UA is obfuscated among the rest of the payload, it could lead to an easy detection rate from a network point of view if HTTP listener is in place.
paRam($S, $SK, $UA = 'MOzIlla/5.0 (WINDoWS NT 6.1; WOW64; TRiDeNT/7.0; rv:11.0) lIkE GEcKo')FUnCtiON COnVeRtTo - RC4ByteSTrEaM {
Nice catch, thanks.
mr64bit
commented
5 years ago mr64bit
commented
5 years ago
Empire Version
2.5
OS Information (Linux flavor, Python version)
Debian 9 (stretch)
Expected behavior and description of the error, including any actions taken immediately prior to the error. The more detail the better.
The UA is obfuscated among the rest of the payload, it could lead to an easy detection rate from a network point of view if HTTP listener is in place.
Screenshot of error, embedded text output, or Pastebin link to the error
paRam($S, $SK, $UA = 'MOzIlla/5.0 (WINDoWS NT 6.1; WOW64; TRiDeNT/7.0; rv:11.0) lIkE GEcKo')FUnCtiON COnVeRtTo - RC4ByteSTrEaM {