Closed Summ1tSunshine closed 7 months ago
I have also tried load C:\\users\\dev\\desktop\\test.exe
and that resulted in the same error.
Hi, have you tried to activate the debug logs to view what is happening on client side ? The steps are described in the readme.
And also, can you try to use the load -h
command to process the loading and execution in a remote process instead on the rs-shell's client process ?
That's odd. When I compile with the debug option everything works fine. It's possible I had issues compiling the first time? Not sure.
Actually I realized the results are still the same and there is no output in the client console when I run "load C:\users\dev\desktop\test.exe". If I place the test.exe on the client in "C:\users\dev\desktop\" the command runs fine and executes the exe. Does the exe need to be on the client system before it can be executed? I thought it would pull the exe or shellcode from the server system and execute directly into memory.
Hi! Oh yeah, maybe the readme and the help are not clear. When you load a shellcode (with load -s
or syscalls -s
) the shellcode file must be set on your attacker computer and it will be loaded remotely.
However, to load a PE file, it must reside on the client target. For the moment I haven't implemented a remote PE loading from the attacker machine. But the idea is good!
Ahhh makes sense. Ok thanks for the information.
No problem, with pleasure 🙂
When attempting to run load and syscalls I get an error "Error openning file to load". The command looks like this. "load C:\users\dev\desktop\test.exe"
I have confirmed the exe does exist so I'm not sure what is wrong. Any ideas?