calebstewart / pwncat

Fancy reverse and bind shell handler
https://pwncat.readthedocs.io
MIT License

Windows 10 Reverse Shell Fails to be Established #207

Open Mister-Joe opened 2 years ago

Mister-Joe commented 2 years ago

Bug Description

pwncat terminates with the error connection failed: channel receive timed out: b'' a few seconds after receiving a connection from a Windows 10 reverse shell

pwncat version

$ pwncat --version
0.4.3

Target System (aka "victim")

The system in question is "Algernon" from Offensive Security Proving Grounds

[screenshot]

Steps to Reproduce

  1. [screenshot]
  2. Run exploit for RCE vulnerability in SmarterMail: https://www.exploit-db.com/exploits/49216
  3. [screenshot]

Expected Behavior

pwncat should establish a fully-interactive (Windows) reverse shell

Screenshots

As shown in the following screenshot, netcat successfully receives the reverse powershell shell.

[screenshot]

fsacer commented 2 years ago

I'm getting the same issue with powershell one-liner

calebstewart commented 2 years ago

Windows support is currently in a... precarious state... pwncat utilizes a staged C2 which is currently written to disk. Windows Defender has a detection specifically for pwncat and blocks it from executing, which is my initial thought when I see problems like this.

There could also be other issues. For example, many Windows shell implementations do not actually provide full STDIO access for the shell. A lot of them line buffer the IO, which will break pwncat when it tries to spawn the C2 (assuming that the C2 isn't blocked by Defender).

I need to revisit the Windows implementation within pwncat soon, but haven't had the time.
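
The line-buffering point above is something you can check from the listener side before handing a session to pwncat. The following is an added example, not pwncat's own code and not part of this thread: a small probe that sends a command fragment with no trailing newline and sees whether anything comes back before the newline is sent. A shell that forwards STDIO byte-for-byte (and echoes) reacts immediately; a line-buffered wrapper stays silent until the line is complete; a shell that never answers is the "channel receive timed out" case. The two remote ends (`fake_windows_shell`) are constructed stand-ins running on localhost so the script works offline; they are not real cmd.exe or powershell.exe behaviour, and a real raw-STDIO shell that does not echo would need a different probe.

```python
import socket
import threading

# Command fragment sent WITHOUT a trailing newline. A shell that forwards
# STDIO byte-for-byte reacts (echoes) right away; a line-buffered wrapper
# sits on it until it sees "\n". (Constructed probe, not pwncat's own.)
PROBE = b"echo pwncat-probe"


def fake_windows_shell(conn, line_buffered):
    """Constructed stand-in for the remote end of a reverse shell.

    line_buffered=True mimics wrappers that only hand a complete line to the
    child process; line_buffered=False mimics a shell that echoes every byte
    as it arrives. Neither is a real cmd.exe/powershell.exe.
    """
    pending = b""
    conn.settimeout(5)
    try:
        while True:
            data = conn.recv(1024)
            if not data:
                break
            if not line_buffered:
                conn.sendall(data)          # immediate echo, byte for byte
                continue
            pending += data
            while b"\n" in pending:         # only react once a line is complete
                line, pending = pending.split(b"\n", 1)
                conn.sendall(b"out:" + line + b"\r\n")
    except socket.timeout:
        pass
    finally:
        conn.close()


def probe_stdio(conn, timeout=1.0):
    """Classify the shell behind `conn` from the handler's side.

    Returns "raw" if bytes come back before a newline is sent,
    "line-buffered" if they only come back after the newline, and
    "dead" if nothing comes back at all (the receive-timeout case).
    """
    conn.settimeout(timeout)
    conn.sendall(PROBE)
    try:
        if conn.recv(1024):
            return "raw"
    except socket.timeout:
        pass
    conn.sendall(b"\n")
    try:
        return "line-buffered" if conn.recv(1024) else "dead"
    except socket.timeout:
        return "dead"


def run_demo(line_buffered):
    """Listen on localhost, let the fake shell connect back, classify it."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def connect_back():
        client = socket.socket()
        client.connect(("127.0.0.1", port))
        fake_windows_shell(client, line_buffered)

    t = threading.Thread(target=connect_back)
    t.start()
    conn, _ = srv.accept()
    try:
        return probe_stdio(conn)
    finally:
        conn.close()
        srv.close()
        t.join()


if __name__ == "__main__":
    print("raw STDIO shell      ->", run_demo(line_buffered=False))
    print("line-buffered shell  ->", run_demo(line_buffered=True))
```

Against a real session you would call `probe_stdio` on the accepted socket instead of `run_demo`; a "line-buffered" or "dead" result is a reason to expect the staged C2 to fail regardless of whether Defender is involved.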

fsacer commented 2 years ago

ah cool, well maybe there is no need for that staged C2, I thought I could just use pwncat to handle multiple nc sessions, since there aren't any good tools for that afaik

PinkPantherX commented 2 years ago

I am having the same issue. Any chance of solving this issue soon?

RealFakeAccount commented 2 years ago

In some situations, certain payloads from revshells.com won't work, but payloads from msfvenom will work.

Therefore, I suggest you try generating the payload using msfvenom (you can use hta-psh to get a base64 powershell payload).