Click here to Skip to main content
15,887,683 members
Search within:


How do I fix error with invoke-reflectivepeinjection
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
PowerShell
script
Im trying to embed an exe on a powershell script as described on https://truesecdev.wordpress.com/2016/03/15/embedding-exe-files-into-powershell-scripts/

and to the script https://github.com/PowerShellMafia/PowerSploit/blob/master/CodeExecution/Invoke-ReflectivePEInjection.ps1

I have added

# Your base64 encoded binary

$InputString = '...........' with the exe converted to base64

and have also included

# Convert base64 string to byte array

$PEBytes = [System.Convert]::FromBase64String($InputString)

# Run EXE in memory

Invoke-ReflectivePEInjection -PEBytes $PEBytes


but Im getting this cascade of errors

however the first that I get is


Exception calling "GetMethod" with "1" argument(s): "Ambiguous match found."
At C:\users\ieuser\desktop\PowerSploit-master\CodeExecution\Invoke-ReflectivePEInjection2.ps1:1007 char:6
+ $GetProcAddress = $UnsafeNativeMethods.GetMethod('GetProcAddr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : AmbiguousMatchException

What I have tried:

I have tried as admin

and have tried theses changes


replacing $UnsafeNativeMethods.GetMethod('GetProcAddress'}) on the line referenced by the error with $UnsafeNativeMethods.GetMethods().Where({$_.Name -eq 'GetProcAddress'}) |Select -First 1

made a change to

$GetProcAddress = $UnsafeNativeMethods.GetMethod('GetProcAddress',
[type[]]('IntPtr', 'System.String'))

and

$GetProcAddress = $UnsafeNativeMethods.GetMethod('GetProcAddress',
[type[]]('System.Runtime.InteropServices.HandleRef', 'System.String'))


also tried the suggestions from

https://github.com/PowerShellMafia/PowerSploit/issues/335
https://github.com/PowerShellMafia/PowerSploit/issues/293
https://github.com/PowerShellMafia/PowerSploit/pull/289



But nothing seems to work


What can be the reason for these errors and how can I fix them

The exe file that I used as example was putty (for some reason every time I see a youtube video its the program used as example)
Posted
Updated 27-Mar-20 5:54am
Add a Solution
Comments
Member 14651994 27-Mar-20 11:43am    
full list of the errors

https://www58.zippyshare.com/v/DButFIfV/file.html

2 solutions

Go back to where you got the code, and ask there: we aren't here to fix your problems with third (or fourth) party code, and it's very likely that since you have just "acquired" code from multiple sources that it isn't going to work together without significant changes anyway.

You can't just find code, bolt it together, and hope: you have to understand the code you are copying so you can modify it to fit your environment and exact requirements.
 
Share this answer
 
Posted 
Exception calling "GetMethod" with "1" argument(s): "Ambiguous match found."
At C:\users\ieuser\desktop\PowerSploit-master\CodeExecution\Invoke-ReflectivePEInjection2.ps1:1007 char:6
+ $GetProcAddress = $UnsafeNativeMethods.GetMethod('GetProcAddr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : AmbiguousMatchException

Check the method name that you are referring to on that line of your script, it seems it is not unique. See also AmbiguousMatchException Class (System.Reflection) | Microsoft Docs[^]. The string you are referring to is not unique within
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
How do I fix the camera.main error
How do I fix error cs1026 in this=(
How do I fix these errors
How to fix this error
How to fix template error?
How do I fix this error?
How do I fix the } expected error in the following code?
How do I fix this "self" error?
How do I fix undefined reference error?
How do I fix the problem please

Advertise
Privacy
Cookies
Terms of Use
Last Updated 27 Mar 2020
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web02 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900