Comments (7)
commented on August 19, 2024
Hehe, I don't like snagging other peoples stuff.. I'll write a stub encoder for it.. Have plenty of space to play with. Should be done next couple days
from unicorn.
commented on August 19, 2024
Thanks for letting me know btw! Appreciate it.
Does it get snagged upon opening and enabling the macro or as soon as its downloaded?
from unicorn.
Viss
commented on August 19, 2024
windows 10, newish office install, defender pops when you try and open it.
I wager rearranging the payload and perhaps obfuscating the powershell.exe string will likely be enough, but I havent tried myself
On June 28, 2016 7:05:38 PM PDT, trustedsec [email protected] wrote:
Thanks for letting me know btw! Appreciate it.
Does it get snagged upon opening and enabling the macro or as soon as
its downloaded?
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub:
#20 (comment)
from unicorn.
beethical
commented on August 19, 2024
Same problem here!
Today, I checked the latest Macro created via unicorn (and veil) through every available Antivirus, and some of them detected the Macro as a Trojan,even before opening the document ! :)
The screenshot below shows the results:
from unicorn.
commented on August 19, 2024
tested macro injection and normal ps1 - looks to get around windows defender with the update I just pushed out - let me know your experience but closing this for now. Will re-open if that differs. Thanks for the report!
from unicorn.
Viss
commented on August 19, 2024
THANK YOU SIR <3
from unicorn.
Viss
commented on August 19, 2024
I will test.
from unicorn.
Related Issues (20)
- Powershell errors on execution HOT 2
- is it possible to execute custom payload created through proper coding can be injected through unicorn. HOT 1
- I am having issues getting my callbacks HOT 2
- Formatting troubles with Word/Excel VBA editor HOT 1
- Windows/download_exec HOT 1
- REQUEST - User input for AMSI Bypass and Decoded/Encoded Shell
- Can`t skip UC_ERR_READ_UNMAPPED
- the powershell script is detectable. HOT 7
- no more bypassing defender
- Logical Error in Help Section HOT 3
- Macro reverse_https is detected by Windows Defender. Is there a workaround for this?
- Macro compatibility HOT 2
- Do unicorn work with android payloads like android/meterpreter/reverse_tcp and if it do then how? HOT 1
- i have a problem with unicorn Also ensure your syntax for unicorn is correct. Missing IP address, HOT 2
- stuck at generating payload HOT 1
- Payload Gets Detected Even After Obfuscation in Windows 10. HOT 1
- No meterpreter being caught by handler HOT 1
- Powershell ERROR
- t
- SyntaxWarning with Python 3.12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from unicorn.