Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PAExec does not encrypt the data #31

Open
pawel-kedzior-sw opened this issue Jul 15, 2019 · 3 comments
Open

PAExec does not encrypt the data #31

pawel-kedzior-sw opened this issue Jul 15, 2019 · 3 comments

Comments

@pawel-kedzior-sw
Copy link

As stated in #18
and https://www.poweradmin.com/paexec/ PAExec only XOR's data.

Any ideas on how to improve it? Which parts are vulnerable (logging? copying files? remote calls?)
@poweradminllc
Copy link
Owner

The most important data that needs to be encrypted is the command line passed from the local instance to the remote instance. Remote.cpp, GetDataToSend and the corresponding SetFromReceivedData are the two sides that send and receive the data. This is sent through a named pipe. The only tricky bit is agreeing on a shared key without transmitting that key.

@pawel-kedzior-sw
Copy link
Author

Ok, what about the console output from the command? I assume that it also travels over the same pipe.

@poweradminllc
Copy link
Owner

Oh yes, that's right. stdin, stdout and stderr are redirected each through their own named pipe in ConsoleRedir.cpp, CreateIOPipesInService.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@poweradminllc @pawel-kedzior-sw