Feature Request: USB Exfil Payloads Without Powershell
MatthewClarkMay opened this issue · 3 comments
MatthewClarkMay commented
I'm not sure if this is the place for this but it's more of a recommendation than an issue. Most of the payloads in this library use Powershell, but many companies block Powershell from running on most endpoints, or under normal user privilege. Anyone written any solid exfil / system info / loot collection payloads without using Powershell?
Thanks!
elgplayer commented
I think you can use cmd but it will not be as stealthy and is limited. I'm gonna check if its possible later today!
saintcrossbow commented
Just noticed this. I wrote one that you might want to try. I call it by powershell but you could call direct. Depends on .net which most of my tested targets have.
hink commented
Write a small Golang binary that is easily copyable to %TEMP%