Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at DEF CON 18.
https://github.com/Ekultek/BlueKeep/blob/master/bluekeep_poc.py said: Generating the payloads is hard, especially when ASLR is involved with it.
But you just send a hexed PowerShell command.
Is this really possible?
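As an added example (not code from Unicorn, from the BlueKeep PoC, or from the poster), here is what the "hexed" PowerShell command such launchers hand to a target actually is, and how to unpack it again: PowerShell's -EncodedCommand switch takes the script as UTF-16LE text, base64-encoded (so it is base64, not hex), and the switch may be abbreviated to any unique prefix such as -e or -enc. The sample script and command lines below are constructed for the example; the function names are my own.

```python
import base64
import re


def encode_powershell_command(script: str) -> str:
    """Return the token PowerShell expects after -EncodedCommand.

    PowerShell decodes the token as UTF-16LE, not UTF-8, so encoding a
    script as UTF-8 produces a string PowerShell cannot run.
    """
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


def decode_powershell_command(token: str) -> str:
    """Inverse of encode_powershell_command (what a defender does with a
    -EncodedCommand token pulled from a process-creation log)."""
    return base64.b64decode(token).decode("utf-16-le")


def build_launcher(script: str) -> str:
    """Wrap a script in a hidden, profile-less powershell.exe command line,
    the general shape of what encoded-command launchers emit (illustrative
    switches; assumption, not any particular tool's exact output)."""
    return (
        "powershell -NoProfile -NonInteractive -WindowStyle Hidden "
        f"-EncodedCommand {encode_powershell_command(script)}"
    )


# PowerShell accepts any unambiguous prefix of -EncodedCommand, so match
# "-e<letters>" and then check the letters really are such a prefix.
_FLAG_RE = re.compile(r"-(e[a-z]*)\s+([A-Za-z0-9+/=]+)", re.IGNORECASE)


def decode_from_commandline(cmdline: str):
    """Recover the plaintext script from a logged command line, or None if
    the line carries no decodable -EncodedCommand token."""
    for flag, token in _FLAG_RE.findall(cmdline):
        # "-ep bypass" or "-ExecutionPolicy" must not be mistaken for -e.
        if not "encodedcommand".startswith(flag.lower()):
            continue
        try:
            return decode_powershell_command(token)
        except (ValueError, UnicodeDecodeError):
            continue  # malformed token; keep looking
    return None


# Constructed sample script; harmless on purpose.
SAMPLE_SCRIPT = 'Write-Host "hello from an encoded command"'


if __name__ == "__main__":
    launcher = build_launcher(SAMPLE_SCRIPT)
    print(launcher)
    print(decode_from_commandline(launcher))
```

The round trip is the useful part on both sides: an operator can confirm the token decodes to the intended script before sending it, and an analyst can apply decode_from_commandline to Sysmon event 1 or Security 4688 command lines to see what an opaque powershell -e blob really runs.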