zcgonvh
commented
4 years ago @learncs-max CreateProcess fail on serverside, try exec c:\windows\system32\whoami.exe, or other program(like mshta,powershell,...).
You can also run shellcode msf.bin to open a msf session.
When I have a test on exchange 2016, "exec whoami" returns System.ComponentModel.Win32Exception(0x80004005):????? ? System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo,startInfo) ? Zcg.GMHFuckTools.ExampleStub.IISRemoteStub.Run(String proc, String arg)
Emmm, Could u plz give me some advice?