Encode to b64 with powershell and not certutil

NeffIsBack · NeffIsBack · commit 188ef13c876f · 2025-07-23T06:15:01.000-04:00
diff --git a/nxc/protocols/wmi/wmiexec.py b/nxc/protocols/wmi/wmiexec.py
@@ -77,7 +77,7 @@ def execute_WithOutput(self, command):
 
         commands = [
             f"{self.__shell} {command} 1> {result_output} 2>&1",
-            f"{self.__shell} certutil -encodehex -f {result_output} {result_output_b64} 0x40000001",
+            f'{self.__shell} powershell -Command "[Convert]::ToBase64String([IO.File]::ReadAllBytes(\'{result_output}\')) | Out-File -Encoding ASCII \'{result_output_b64}\'"',
             f'{self.__shell} for /F "usebackq" %G in ("{result_output_b64}") do reg add HKLM\\{self.__registry_Path} /v {keyName} /t REG_SZ /d "%G" /f',
             f"{self.__shell} del /q /f /s {result_output} {result_output_b64}",
         ]

Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ def execute_WithOutput(self, command):`
`77`	`77`
`78`	`78`	`commands = [`
`79`	`79`	`f"{self.__shell} {command} 1> {result_output} 2>&1",`
`80`		`- f"{self.__shell} certutil -encodehex -f {result_output} {result_output_b64} 0x40000001",`
	`80`	`+ f'{self.__shell} powershell -Command "[Convert]::ToBase64String([IO.File]::ReadAllBytes(\'{result_output}\')) \| Out-File -Encoding ASCII \'{result_output_b64}\'"',`
`81`	`81`	`f'{self.__shell} for /F "usebackq" %G in ("{result_output_b64}") do reg add HKLM\\{self.__registry_Path} /v {keyName} /t REG_SZ /d "%G" /f',`
`82`	`82`	`f"{self.__shell} del /q /f /s {result_output} {result_output_b64}",`
`83`	`83`	`]`