Closed trickster0 closed 4 years ago
Hi Trickster0 Regarding the EDR , i will be gratefull if you test the payloads and provide me your feedback in order to make them undetectable .
Regarding the sock tunneling . i will try to add sharpsocks to Ninja .
Regarding the Error , Am working on this issue as its happening because powerview needs credentials to use the commands and if you use it without credentials it will show this error . in order to make sure please test below commands :
load PowerView.ps1 Get-DomainComputer
( now check if the error appear )
$SecPassword = ConvertTo-SecureString '
$Cred = New-Object System.Management.Automation.PSCredential('
Get-DomainComputer -Credential $Cred
( Check if everything go smoothly and get back to me in order to add credential support for DA command )
Also i can see that you are working on standalone device not joined to domain and DA designed for domain enumeration so it will not work on standalone device
ahh indeed u might be right. do you have some chat app to talk more efficiently? like discord? so we can test it against the EDRs and give u better feedback?
Apex One - HTA Passed (Did not test exe) Crowdstrike - HTA Failed, exe passed Cylance - HTA Passed ESET - HTA Passed Fireeye - HTA Passed SentinelOne - HTA Passed Kaspersky - HTA Failed, exe succeeded but got deleted after executing 1st command
Thank you bro
DA command failed...
also let me know if u need any assistance testing against EDRs. I can help u with that. In addition, consider adding proxy sock dynamic tunneling.