BishopFox / sliver

Adversary Emulation Framework
GNU General Public License v3.0

Build failed, no file data #134

Closed SneakyOttersec closed 4 years ago

SneakyOttersec commented 4 years ago

Describe the bug

The generation of a new Windows agent sliver binary failed. (Source compiling from the latest commit 940e6e.)

To Reproduce

All hackers gain exalted
[*] v0.0.7 - 940e6e480447d2bcee64a1fccc9b9d5b84f19c6c
[*] Welcome to the sliver shell, please type 'help' for options

sliver > generate --os windows --http 1.2.3.4 --skip-symbols -s /tmp

[*] Generating new windows/amd64 Sliver binary
[!] Symbol obfuscation is disabled
[*] Build completed in 00:01:23
[!] Build failed, no file data

Expected behavior

A Windows agent binary should be generated.

Desktop (please complete the following information):

Sliver logs

INFO[0028] [sliver/server/generate/binaries.go:454] [render] /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/transports/s60.go 
INFO[0028] [sliver/server/generate/binaries.go:461] Canary domain(s): [] 
INFO[0028] [sliver/server/generate/binaries.go:454] [render] /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/transports/s61.go 
INFO[0028] [sliver/server/generate/binaries.go:461] Canary domain(s): [] 
INFO[0028] [sliver/server/generate/binaries.go:454] [render] /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/transports/s62.go 
INFO[0028] [sliver/server/generate/binaries.go:461] Canary domain(s): [] 
INFO[0028] [sliver/server/generate/binaries.go:454] [render] /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/transports/s63.go 
INFO[0028] [sliver/server/generate/binaries.go:461] Canary domain(s): [] 
INFO[0028] [sliver/server/generate/binaries.go:444] [mkdir] "/home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/version" 
INFO[0028] [sliver/server/generate/binaries.go:454] [render] /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/version/s64.go 
INFO[0028] [sliver/server/generate/binaries.go:461] Canary domain(s): [] 
INFO[0028] [sliver/server/generate/binaries.go:454] [render] /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/version/s65_windows.go 
INFO[0028] [sliver/server/generate/binaries.go:461] Canary domain(s): [] 
INFO[0028] [sliver/server/generate/binaries.go:421] Skipping file wrong os/arch: version/version_linux.go 
INFO[0028] [sliver/server/generate/binaries.go:421] Skipping file wrong os/arch: version/version_darwin.go 
INFO[0028] [sliver/server/generate/binaries.go:444] [mkdir] "/home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/winhttp" 
INFO[0028] [sliver/server/generate/binaries.go:454] [render] /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/sliver/winhttp/s68.go 
INFO[0028] [sliver/server/generate/binaries.go:461] Canary domain(s): [] 
INFO[0028] [sliver/server/generate/binaries.go:454] [render] /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/src/github.com/bishopfox/sliver/s69.go 
INFO[0028] [sliver/server/generate/binaries.go:461] Canary domain(s): [] 
INFO[0028] [sliver/server/generate/binaries.go:479] Obfuscating source code ... 
INFO[0028] [sliver/server/gobfuscate/main.go:51] Copying GOPATH (/home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY) ... 
INFO[0110] [sliver/server/gobfuscate/main.go:65] Obfuscating strings ... 
INFO[0111] [sliver/server/generate/binaries.go:489] Obfuscated GOPATH = /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/obfuscated 
INFO[0111] [sliver/server/generate/binaries.go:490] Obfuscated sliver package: github.com/bishopfox/sliver 
INFO[0111] [sliver/server/gogo/go.go:101] go cmd: '/home/pridwen/.sliver/go/bin/go build -trimpath -tags netgo -ldflags -s -w -buildid= -H=windowsgui -o /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/obfuscated/bin/DEVELOPED_BOOTY.exe .' 
INFO[0111] [sliver/server/gogo/go.go:104] --- stdout ---

INFO[0111] [sliver/server/gogo/go.go:105] --- stderr ---
sliver/taskrunner/s50_windows.go:36:2: 
sliver/evasion/s1.go:1:1: expected 'package', found 'EOF'

INFO[0111] [sliver/server/gogo/go.go:106] exit status 1 
DEBU[0111] [sliver/server/db/db.go:187] Loading db from /home/pridwen/.sliver/db/buckets/c9ae572a-e763-4874-b848-d2775e8ebea1 
INFO[0111] [/home/pridwen/go/pkg/mod/github.com/dgraph-io/badger@v1.6.0/logger.go:46] All 0 tables opened in 0s 
INFO[0111] [/home/pridwen/go/pkg/mod/github.com/dgraph-io/badger@v1.6.0/logger.go:46] Replaying file id: 0 at offset: 0 
INFO[0111] [/home/pridwen/go/pkg/mod/github.com/dgraph-io/badger@v1.6.0/logger.go:46] Replay took: 23.235107ms 
INFO[0111] [sliver/server/generate/slivers.go:96] Saved config for 'DEVELOPED_BOOTY' 
ERRO[0111] [sliver/server/generate/binaries.go:350] Failed to save file to db open /home/pridwen/.sliver/slivers/windows/amd64/DEVELOPED_BOOTY/obfuscated/bin/DEVELOPED_BOOTY.exe: no such file or directory %!s(<nil>)

Additional info

The generation of the Linux agent is working.

And of course thank you for this tool and the time you invested in it!
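The compiler error in the stderr section of the log above, `expected 'package', found 'EOF'`, is what Go reports for a source file with no content before end of file, such as a zero-byte file. As an added example (not part of the original issue and not Sliver's own code), the program below scans a source tree for such files before a build is attempted; `findUnparsable`, `sampleTree` and the in-memory sample files (named after the two paths in the log) are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"go/parser"
	"go/token"
	"io/fs"
	"strings"
	"testing/fstest"
)

// findUnparsable returns, for each .go file in fsys whose package clause does
// not parse (a zero-byte file, for instance), the go/parser error text.
func findUnparsable(fsys fs.FS) (map[string]string, error) {
	bad := map[string]string{}
	fset := token.NewFileSet()
	err := fs.WalkDir(fsys, ".", func(p string, d fs.DirEntry, werr error) error {
		if werr != nil || d.IsDir() || !strings.HasSuffix(p, ".go") {
			return werr
		}
		src, rerr := fs.ReadFile(fsys, p)
		if rerr != nil {
			return rerr
		}
		// PackageClauseOnly stops after "package x", so the scan stays cheap.
		if _, perr := parser.ParseFile(fset, p, src, parser.PackageClauseOnly); perr != nil {
			bad[p] = perr.Error()
		}
		return nil
	})
	return bad, err
}

// sampleTree is constructed input: one valid file and one empty file. On a
// real tree, pass os.DirFS("<source root>") to findUnparsable instead.
func sampleTree() fs.FS {
	return fstest.MapFS{
		"sliver/taskrunner/s50_windows.go": {Data: []byte("package taskrunner\n")},
		"sliver/evasion/s1.go":             {Data: []byte("")},
	}
}

func main() {
	bad, err := findUnparsable(sampleTree())
	if err != nil {
		fmt.Println("walk error:", err)
		return
	}
	for path, msg := range bad {
		fmt.Printf("%s -> %s\n", path, msg)
	}
}
```
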

moloch-- commented 4 years ago

Same root cause as issue #133; we're working on a fix :)

rkervella commented 4 years ago

My bad, I forgot to add some files during my last merge. @Pridwen you should be good to go.

Be aware that full symbol obfuscation is currently broken, as stated in #133.

SneakyOttersec commented 4 years ago

Worked like a charm, thank you!

linjan commented 4 years ago

Thank you, @rkervella!