Why can't I add users directly via PyPSRP in ProxyShell exploitation, and what is the workaround?

Directly adding users via PyPSRP fails because passing a password requires executing the PowerShell `ConvertTo-SecureString` command, which is not supported by Exchange PowerShell Remoting. The workaround is to invoke local PowerShell by first setting up a local Flask proxy server to handle load balancing, then configuring WinRM, `allowunencrypted`, and `TrustedHosts` on the target system. After that, you can establish a PowerShell session and use `Invoke-Command` with the `-ArgumentList` parameter to pass the secure password string, as demonstrated in the ProxyShell exploitation chain.