You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I don't believe this is an issue with SweetPotato, I think it may be caused by the fact that I obfuscated SweetPotato to bypass Defender, or it could be something in the system's configuration. I'm trying to understand why running the SweetPotato privesc using execute-assembly with Cobalt Strike or Sliver fails, but if I run it in an interactive session it succeeds? I did obfuscate some function names and recompiled to bypass Defender but I would think that if it works in an interactive session then it would work in a C2 with execute-assembly. Is it possible that my efforts to bypass Defender changed something in the code that I need to fix before it will work using execute-assembly? Thanks in advance.
The text was updated successfully, but these errors were encountered:
I don't believe this is an issue with SweetPotato, I think it may be caused by the fact that I obfuscated SweetPotato to bypass Defender, or it could be something in the system's configuration. I'm trying to understand why running the SweetPotato privesc using execute-assembly with Cobalt Strike or Sliver fails, but if I run it in an interactive session it succeeds? I did obfuscate some function names and recompiled to bypass Defender but I would think that if it works in an interactive session then it would work in a C2 with execute-assembly. Is it possible that my efforts to bypass Defender changed something in the code that I need to fix before it will work using execute-assembly? Thanks in advance.
The text was updated successfully, but these errors were encountered: