Forward and reverse connection for remote cmd in Windows.

[paolosezart]

I have Windows 10. I start the server with the command:

ssfd.exe -c SERVER_std.cfg

The contents of SERVER_cfg.cfg:

{
    "ssf": {
        "services": {
            "shell": {
                "enable": true,
                "path": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
                "args": "-File -"
            }
        }
    }
}

Next, I run the client (locally, for a test):

ssf.exe -Y 127.0.0.1:1010 127.0.0.1

He gives me this:

ssf.exe -Y 127.0.0.1:1010 127.0.0.1
[2023-11-14T05:57:22+05:00] [info] [config] [tls] CA cert path: <file: ./certs/trusted/ca.crt>
[2023-11-14T05:57:22+05:00] [info] [config] [tls] cert path: <file: ./certs/certificate.crt>
[2023-11-14T05:57:22+05:00] [info] [config] [tls] key path: <file: ./certs/private.key>
[2023-11-14T05:57:22+05:00] [info] [config] [tls] key password: <>
[2023-11-14T05:57:22+05:00] [info] [config] [tls] dh path: <file: ./certs/dh4096.pem>
[2023-11-14T05:57:22+05:00] [info] [config] [tls] cipher suite: <DHE-RSA-AES256-GCM-SHA384>
[2023-11-14T05:57:22+05:00] [info] [config] [http proxy] <None>
[2023-11-14T05:57:22+05:00] [info] [config] [socks proxy] <None>
[2023-11-14T05:57:22+05:00] [info] [config] [circuit] <None>
[2023-11-14T05:57:22+05:00] [info] [ssf] connecting to <127.0.0.1:8011>
[2023-11-14T05:57:22+05:00] [info] [ssf] running (Ctrl + C to stop)
[2023-11-14T05:57:22+05:00] [info] [client] connection attempt 1/1
[2023-11-14T05:57:23+05:00] [info] [client] connected to server
[2023-11-14T05:57:23+05:00] [info] [client] running
[2023-11-14T05:57:23+05:00] [error] [user_service] [remote-shell] local microservice[process]: start failed: service not found
[2023-11-14T05:57:23+05:00] [error] [microservice] [admin] could not start local microservice for service[remote-shell]
[2023-11-14T05:57:23+05:00] [error] [client] service <remote-shell> KO

In the window ssfd.exe at this time:

ssfd.exe -c SERVER_ssfd.cfg
[2023-11-14T05:57:16+05:00] [info] [config] loading file <SERVER_ssfd.cfg>
[2023-11-14T05:57:16+05:00] [info] [config] [tls] CA cert path: <file: ./certs/trusted/ca.crt>
[2023-11-14T05:57:16+05:00] [info] [config] [tls] cert path: <file: ./certs/certificate.crt>
[2023-11-14T05:57:16+05:00] [info] [config] [tls] key path: <file: ./certs/private.key>
[2023-11-14T05:57:16+05:00] [info] [config] [tls] key password: <>
[2023-11-14T05:57:16+05:00] [info] [config] [tls] dh path: <file: ./certs/dh4096.pem>
[2023-11-14T05:57:16+05:00] [info] [config] [tls] cipher suite: <DHE-RSA-AES256-GCM-SHA384>
[2023-11-14T05:57:16+05:00] [info] [config] [http proxy] <None>
[2023-11-14T05:57:16+05:00] [info] [config] [socks proxy] <None>
[2023-11-14T05:57:16+05:00] [info] [config] [microservices][shell] path: <C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe>
[2023-11-14T05:57:16+05:00] [info] [config] [microservices][shell] args: <-File ->
[2023-11-14T05:57:16+05:00] [info] [config] [circuit] <None>
[2023-11-14T05:57:16+05:00] [info] [ssfd] listening on <*:8011>
[2023-11-14T05:57:16+05:00] [info] [ssfd] running (Ctrl + C to stop)
[2023-11-14T05:57:23+05:00] [warning] [microservice] [stream_listener]: cannot listen on network interface <127.0.0.1> without gateway ports option
[2023-11-14T05:57:23+05:00] [info] [microservice] [stream_listener]: forward TCP connections from <127.0.0.1:1010> to 1010

How to properly configure to get a remote command shell in Windows?

What am I doing wrong?