3xploit666
commented
6 years ago Hello pedro how are you i am 3xploit the youtobe
Open r00t-3xp10it opened 6 years ago
3xploit666
commented
6 years ago Hello pedro how are you i am 3xploit the youtobe
usama7628674
commented
5 years ago @r00t-3xp10it This repo really helps me a lot.Very informative and well written.
joker8989
commented
5 years ago @r00t-3xp10it do u bave any idea how can exeucte powershell payload without "powershell.exe" Instead of : powershell.exe -nop -w 1 - enc ... By this example(without powershell.exe) -nop -w 1 -enc ... Run a powershell script without the begining keyword powershell.exe
Did not want to open thread cause of this
r00t-3xp10it
commented
5 years ago yes i know how .. read this - defcon27 Lab 5
joker8989
commented
5 years ago According to your tool this does not create powershell process so i dont need to bypass AMSI right? Or i need?
r00t-3xp10it
commented
5 years ago P.S its not my tool (defcon27) and yes.. thats the objective of lab 5 exercise presented in defcon27 conference
joker8989
commented
5 years ago Ok i will try that just for any case do u know a command to run the -enc from powershell i mean without the powershell.exe keyword (the begining of the line)..
This issue its direct linked to 'common format strings obfuscation technics' article:
[$] GitHub Article: common format strings obfuscation technics :1st_place_medal:
If you have some new technics to describe that you wish to seen published under that article, (contributing to its growing) leave a comment that i will review it/test it and publish it under the article with a special note describing your name (nickname)..
Thanks ..and long live the open source comunity ..