spectre icon indicating copy to clipboard operation
spectre copied to clipboard
verified publisher icon D4stiny

Spectre Doesn’t Always Execute

Open siesta888 opened this issue 5 years ago • 1 comments

I installed successfully (verified with ping) and can sometimes get spectre to execute commands but it only works every once out of maybe 3-4 tries. The command I’m using: cmd.exe /c whoami

Sometimes it returns properly but other times it just doesn’t nothing or says it expected 14 bytes but got 12 etc. I’m using the default setup for the config and windows 10 pro.

siesta888 avatar Aug 13 '20 15:08 siesta888

This is due to the way that the Spectre Rootkit actually executes commands. Essentially it uses a thread callback to look for a viable thread to start a process from. If no viable thread is created and the timeout runs out, you will see those types of errors.

Will consider implementing proper process creation that doesn't fall victim to RNG and implementing better error responses.

D4stiny avatar Aug 14 '20 18:08 D4stiny