Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] powershell_lateral_movement_invoke_psexec #685

Closed
HackAkadDaniel opened this issue Jul 24, 2023 · 2 comments
Closed

[BUG] powershell_lateral_movement_invoke_psexec #685

HackAkadDaniel opened this issue Jul 24, 2023 · 2 comments
Labels
bug Something isn't working missing information Provide more information for us to work this issue.

Comments

@HackAkadDaniel
Copy link

Empire Version

  • 5.4.2 BC Security Fork

OS Information (Linux flavor, Python version)

  • OS: Kali 2023.1
  • Python: Python 3.11.2

Describe the bug

Module powershell_lateral_movement_invoke_psexec gets timeout on Winows Server 2019

To Reproduce

Steps to reproduce the behavior:

  1. Create http Listener (Starkiller)
  2. Create windows_launcher_bat
  3. Establish agent with that laucncher on a Windows 10 in the Active Directory (User as Domain-Admin)
  4. Interact with agent to identify the Domain Controller (powershell_lateral_movement_invoke_psexecpowershell_situational_awareness_network_powerview_find_localadmin_access)
  5. Interact with agent to establish new agent with DC (powershell_lateral_movement_invoke_psexec)

Behavior

The "Service" on Windows Server 2019 starts but gets a timeout and no agent to the Windows Server 2019 is established
@HackAkadDaniel HackAkadDaniel added the bug Something isn't working label Jul 24, 2023
@Cx01N
Copy link

Cx01N commented Aug 31, 2023

Do you know if the target had defender enabled? That would kill it off and have it appear to die after connecting back.

@Cx01N Cx01N added the missing information Provide more information for us to work this issue. label Aug 31, 2023
vinnybod added a commit that referenced this issue Sep 8, 2023
@vinnybod
Merge pull request #685 from BC-SECURITY/release/5.6.4-private
0645265 
v5.6.4 into private-main
@Cx01N
Copy link

Cx01N commented Oct 15, 2023

Closing due to inactivity

@Cx01N Cx01N closed this as completed Oct 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working missing information Provide more information for us to work this issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Cx01N @HackAkadDaniel