[HELP] excecuted the payload command in an elevated cmd and stil doesnt work

trustedsec / unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

https://www.trustedsec.com

Other

3.74k stars 817 forks source link

[HELP] excecuted the payload command in an elevated cmd and stil doesnt work #80

Closed clancrate closed 6 years ago

clancrate commented 6 years ago

I'm having trouble establishing a meterpreter connection on my extra lappy. I intentionally disabled the antivirus and windows defender and it still doesn't work. the code runs for a sec and closes. target is not a fully updated windows 10 32bit computer

heres the payload: https://pastebin.com/iwnm0j47 and heres the unicorn.rc file: https://pastebin.com/HpRMZrYW

any help would be appreciated :)

trustedsec commented 6 years ago

Unicorn is for 64 bit platforms, I removed the 32 bit compatibility since we don't see that out in the wild anymore.