PEAS


Due to the presence of AV, I would need to find a way to execute PEAS

*evil-winrm* ps c:\Users\legacyy\Documents> menu
 
 
   ,.   (   .      )               "            ,.   (   .      )       .   
  ("  (  )  )'     ,'             (`     '`    ("     )  )'     ,'   .  ,)  
.; )  ' (( (" )    ;(,      .     ;)  "  )"  .; )  ' (( (" )   );(,   )((   
_".,_,.__).,) (.._( ._),     )  , (._..( '.._"._, . '._)_(..,_(_".) _( _')  
\_   _____/__  _|__|  |    ((  (  /  \    /  \__| ____\______   \  /     \  
 |    __)_\  \/ /  |  |    ;_)_') \   \/\/   /  |/    \|       _/ /  \ /  \ 
 |        \\   /|  |  |__ /_____/  \        /|  |   |  \    |   \/    Y    \
/_______  / \_/ |__|____/           \__/\  / |__|___|  /____|_  /\____|__  /
        \/                               \/          \/       \/         \/
 
       by: CyberVaca, OscarAkaElvis, Jarilaos, Arale61 @Hackplayers
 
[+] Dll-Loader 
[+] Donut-Loader 
[+] Invoke-Binary
[+] Bypass-4MSI
[+] services
[+] upload
[+] download
[+] menu
[+] exit

evil-winrm comes with a set of convenience tools, one of which is the Bypass-4MSI cmdlet, which patches the AMSI protection

Done

┌──(kali㉿kali)-[~/archive/htb/labs/timelapse]
└─$ wget -q https://github.com/carlospolop/PEASS-ng/releases/download/20231024-f6adaa47/winPEASx64.exe

I will then grab the latest PEAS for Windows

It still doesn’t work.

┌──(kali㉿kali)-[~/archive/htb/labs/timelapse]
└─$ wget -q https://github.com/carlospolop/PEASS-ng/releases/download/20231024-f6adaa47/winPEAS.bat   

I would need to resort to the batch version of PEAS

Failed. AV is heavily implemented. This appears to be a dead end