Commands in skills created in caldera don't work on the victim machine, but they do work directly on the victim machine #2925
Replies: 1 comment
-
|
Hi, what do you mean by "does not work"?? Maybe the problem are the quotes (") you are using (or are they added in your comment here)? How is the command displayed in the CALDERA interface? Also, did you check what command is executed on the victim machine, e.g., by viewing event logs? The problem might also be missing privileges. When executing the command directly on the victim, are you using an elevated shell or standard user privileges? Are you executing the ability using an elevated agent? Since executing the command manually, I guess Antivirus should not be a problem. Also, is there a reason you are using cmd, to start powershell, to start a new process instead of executing mimikatz directly? |
Beta Was this translation helpful? Give feedback.
-
The environment is as follows, a victim machine (w11 with mimikatz installed) and an attacker machine (kali with caldera installed). when you want to execute the code in cmd:
powershell.exe "IEX Start-Process -FilePath "C:\Users\User\Downloads\master-mimikatz\mimikatz.exe" -Verb RunAs"; lsadump::lsa /patch"
Works on w11 but does not work for the skill created in caldera.
Beta Was this translation helpful? Give feedback.
All reactions