search

Tylous / SourcePoint

SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
1.01k stars 150 forks source link

Unknown string replace option kills powershell-import #21

Closed tpmiller87 closed 9 months ago

tpmiller87 commented 9 months ago

One of the string replace options kills the functionality of powershell-import.

Prior to running powershell-import, powerpick works fine. After importing Powerview, powerpick shows this error on any command (notice the simple whoami, it doesn't recognize any imported commands at all):

image

I deleted all of the strrep lines in both x86 and x64 and both powershell-import and powerpick worked as intended.

Before I split the strreps into chunks to find the bad one (or couple), any ideas?

Tylous commented 9 months ago

Not sure, I'll have to test.

Tylous commented 9 months ago

I figured out the issue I will pushing out a fix shortly.

Tylous commented 9 months ago

There is a new version 3.0 that should address this.