BeauKnowsCyber comments

Repositories
Issues
Comments

Results 4 comments of


                                            BeauKnowsCyber

Do I need to bypass the AV before executing the MSbuild command

@Ilyesdhiaeddine you should be able to IEX a ps1 that contains a reverse shell. That way the powershell section that is getting flagged by AV isn't there. In theory AMSI...

Do I need to bypass the AV before executing the MSbuild command

@Ilyesdhiaeddine I made a small change in my fork of this project that _shouldn't_ get caught by AV. Link if you want to take a look: https://github.com/beauknowstech/FullBypass

What the diffrence among GodPotato-NET2.exe GodPotato-NET35.exe and GodPotato-NET4.exe

Those are the .net versions @Yiaos

Cannot use double quotes inside command

With your command, it assumes you are ending at the second double quote. So `.\GodPotato.exe -cmd "cmd /c net localgroup "` Most programs you can use single quotes in addition...

BeauKnowsCyber

Do I need to bypass the AV before executing the MSbuild command

Do I need to bypass the AV before executing the MSbuild command

What the diffrence among GodPotato-NET2.exe GodPotato-NET35.exe and GodPotato-NET4.exe

Cannot use double quotes inside command

What the diffrence among GodPotato-NET2.exe GodPotato-NET35.exe and GodPotato-NET4.exe