x86 version on windows 10 .

[JhonShell]

Hello , I am having a issue with the velociraptor and the x86 version on windows 10 , when I installed it , it does not send any info to the administration server , but I have installed the same version on x86_64 and it works fine. I would like to know what is going on , I had tested it on 3 different workstation , and one of them is x86.

log_ve.txt

As you can see in image not info is gardened from the agent even though it is connecting to the server normally.

[scudette]

The log file says conflict that means there is another client claiming the same client id

Is it possible that another client was reusing the same write back file?

[scudette]

From the log file it looks like you are running 0.6.6-rc2 . There was an issue in the windows service that was fixed in 0.6.6-2 as per the release notes.

Can you please check if upgrading to the full release fixed the issue?

[JhonShell]

Hello , I have tried with the version velociraptor-v0.6.6-2-windows-386.exe and the same result , I do not understand why the x86_64 works and this version does not.

log_ve2.txt log_ve3.txt

[scudette]

This looks better:

1. It is getting a 406 indicating it is not enrolled
2. It then enrols
3. Sends the enrollment message to the server and receives 200 which means it worked
4. The receiver contacts the server and also receives 200 which means it also worked

but next I would expect to see the client info requests come through but we are not seeing those,

Can you try to schedule an interrogate manually using the interrogate button in the hosts screen?

[JhonShell]

I have tried it too, you can see it in the images posted above, and when I do it no log it retrieved from the agent but the agent as you can see it communicating.

[scudette]

If this is still an issue for 0.6.7-4 please reopen