Open r0b1nv4np opened 6 years ago
Which proxies have you been testing with, very happy for you to come up with a POC also.
The one that gave me issues is McAfee web gateway.
Solution was found here : https://social.technet.microsoft.com/Forums/es-ES/632c4368-cad1-47df-846f-3f15bc34c8b4/problems-in-proxy-authentication-solved?forum=w7itpronetworking
I was testing PoshC2 against various proxies and one of them had a bug that prevented webclient requests through the proxy.
After some internet searches , I discovered and tested that the issue could be solved by setting a registry key. But this required administrator privileges.
However, using IE Com objects is much easier and managed to hack together a script that calls PoshC2 with IE com objects. As long as IE can reach the internet, proxy becomes a non-issue. I also find it to be a useful evasion technique.
I would love to contribute a PoC in the coming weeks if that is ok with you.
Would like to get your thoughts on this.
Thank you.