
Win10 Creators build - Powershell crashing

Open St3v3a opened this issue 7 years ago • 4 comments

Tried to run on latest W10 build but did not appear to work. So have tried running .ps1 locally as Admin and causes PowerShell to crash.

Tried W32 & w64

St3v3a, May 12 '17 07:05

This might be due to different things. Have you tried the exact same .ps1 on other systems with success? If you are using meterpreter (or rather the msf stager injection), what payload are you staging from the msf console, i.e. "/windows/x64/meterpreter/reverse_tcp"? What build number of W10 are you trying on? If you have used a private/gray IP in the payload, and nothing that could compromise your privacy or identity, could you paste the .ps1 here? Are you using the last source of PowerStager, as I recently uploaded a fix for addresses containing zeroes (https://github.com/z0noxz/powerstager/commit/865b5dc9f6384482228416e8da6f17414d8d7534)?

z0noxz, May 14 '17 14:05

Can say I am having the same issue. Ever since the Creators Update, powerstager will not create a session with meterpreter.

Bry-fi, May 31 '17 20:05

I now have the latest build of Windows 10 in my lab. I initially had the same issue, but later got it to work. I think it's some of the PowerShell obfuscation that is the reason behind this issue. I'm currently working on a new release of PowerStager that I hopefully will commit to this repo very soon, with a new obfuscation engine (that also is optional) that might solve this issue.

z0noxz, Jun 04 '17 10:06

A new version is released. Could you try and see if the new one works for you? @steveatco @Bry-fi

z0noxz, Jun 10 '17 10:06