t3l3machus / hoaxshell

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
BSD 2-Clause "Simplified" License
3.05k stars, 482 forks

Don't use IE #8

Closed moyvting closed 2 years ago

moyvting commented 2 years ago

If you never used IE, you can avoid this attack.

r4lix commented 2 years ago

good to know

corsch commented 2 years ago

Especially as IE is no longer visible on modern Windows systems.

I had the same issue on a testing machine. "Workaround" is to finish the IE Wizard.

effektsvk commented 2 years ago

That is due to Invoke-WebRequest; I think it's possible to replace it with Invoke-RestMethod. That is what I used in my script for downloading Google Chrome (https://github.com/effektsvk/getchrome-function). If I have the time, I will test it and submit a PR. :)

t3l3machus commented 2 years ago

Thank you for your input, @moyvting @corsch @effektsvk. This was really useful. I just added the -i option that generates the PS payload adjusted to use 'Invoke-RestMethod' instead of 'Invoke-WebRequest', so now the user can choose.