issue with Run-EXE
zflemingg1 opened this issue · 2 comments
Hi,
I am having issues with the example provided for run-exe with a meterpreter exe. I get an error about DEP compatibility and then it closes the powershell window. Am I doing something wrong?
PowerShellMafia/PowerSploit#362 not sure if this is similar
Maybe it's also related to this: EmpireProject/Empire#415
Run-Exe
is just a wrapper for Invoke-ReflectivePEInjection
after all. We could also expose the -ForceASLR
flag, maybe that will help. No promises though.
However, if your goal is to run Meterpreter and your target system has access to web services on your machine, I'd recommend checking out the web_delivery
module of Metasploit. Very easy to use, very powerful. I used to use this in combination with PowerHub's Clip-Exec feature before web_delivery
caught up with their AMSI bypass.
Actually the flag -ForceASLR
is already applied by default.
You don't say exactly, but the error is actually a warning from what I can tell. The exact phrasing is "WARNING: PE is not compatible with DEP, might cause issues", right? Since it's only a warning, I'm not sure this is an issue. The window closing can be a sign that the anti virus interfering. Or it could be meterpreter closing the window and the exe us actually run correctly. Either way, it could be lots of things going on.
Since I believe this is an issue of PowerSploit, I'm closing this.