pyrdp icon indicating copy to clipboard operation
pyrdp copied to clipboard
verified publisher icon GoSecure

Payload injection: failure when injecting powershell

Open lubiedo opened this issue 3 years ago • 1 comments

Info

Branch: master Command line:

$ pyrdp-mitm.py --payload-powershell-file payload.ps1  --payload-delay 10000 --payload-duration 1000 [REDACTED]

Windows version: Server 2016 Datacenter

Issue:

image

Fix:

A simple fix would be to use ; instead of & here: https://github.com/GoSecure/pyrdp/blob/4cafde053d6f2eef8885f5649fdf6c0b83891871/pyrdp/mitm/RDPMITM.py#L434 This way we will ignore the output and just execute the exit.

lubiedo avatar Jul 12 '22 22:07 lubiedo

Did you git blame for why it was an ampersand to begin with? AFAIK & is not even valid on cmd, it should've been &&

obilodeau avatar Jul 13 '22 18:07 obilodeau