Closed mubix closed 9 years ago
Seems like the Invoke-Mimikatz powershell automatically puts anything with a space on a new command line.
Yea, this is something with the quoting. We will play around with it and get back to you. Groups without a space should work however, Invoke-Mimikatz will take groups with a space and drop them on separate lines.
This gets tricky as Mimikatz uses CommandLineToArgvW (which is notoriously annoying) to do its parsing, and we're trying to pass a single PowerShell literal string (with 's) with spacing and quotes escaped within it. That said, pretty sure I have a workaround, and will try to get the code up tomorrow after some testing.
@mubix, If you do a pull, this bug should be fixed. Due to the way it interprets spacing, you will get an error in the mimikatz output followed by the correct command and result. The commit is here: https://github.com/PowerShellEmpire/Empire/commit/4ceafec807178c445c2da22fda7fac5c8e4a4734
Thanks for the report.
Note sure how I'm supposed to put quotes in modules, is there a trick to it?