You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jan 29, 2020. It is now read-only.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
crash
Имя события проблемы: CLR20r3
Сигнатура проблемы 01: cmd.exe
Сигнатура проблемы 02: 1.0.6959.3454
Сигнатура проблемы 03: 5c439cbc
Сигнатура проблемы 04: mscorlib
Сигнатура проблемы 05: 4.6.1590.0
Сигнатура проблемы 06: 5787ee1b
Сигнатура проблемы 07: 6b47
Сигнатура проблемы 08: 24
Сигнатура проблемы 09: PUYL1YSRBZLI4302TJNBZ1HF4QQMYKVP
Версия ОС: 6.1.7601.2.1.0.256.1
Код языка: 1049
Дополнительные сведения 1: dbf8
Дополнительные сведения 2: dbf8663c220ef0bf1c57544dee05a35b
Дополнительные сведения 3: 6720
Дополнительные сведения 4: 672008b0a1f8f7a2a8804ee91dcda582
Hi @generatorada how are you trying to launch the agent? Maybe missing a reference?
Example:
System: Windows 10 Enterprise LTSC C:\windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /t:exe /out:program.exe .\program.cs /r:System.Management.Automation.dll ./program.exe (Empire) > [*] Sending POWERSHELL stager (stage 1) to 192.168.1.38 [*] New agent LM57CPUS checked in [+] Initial agent LM57CPUS from 192.168.1.38 now active (Slack) [*] Sending agent (stage 2) to LM57CPUS at 192.168.1.38
I'm building VS 2015
connect with empire i get
only exe crashes in a minute well maybe 2 minutes)
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
None yet
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
adoreste
changed the title
REF: https://www.cyberark.com/threat-research-blog/amsi-bypass-redux/
REF: https://rastamouse.me/2018/10/amsiscanbuffer-bypass---part-2/