ghost
commented
4 years ago when files from https://github.com/Accenture/CLRvoyance are put in place of the missing file exception i no longer throw error.
Closed ghost closed 4 years ago
ghost
commented
4 years ago when files from https://github.com/Accenture/CLRvoyance are put in place of the missing file exception i no longer throw error.
ghost
commented
4 years ago pull request #7 is what i did to fix it as well. i havent tested it thou
joeleonjr
commented
4 years ago Fix has been merged in. Thanks for raising the issue!
I had an earlier version installed for testing and tried to install this one (install appears to have worked fine. But i get the following error when running script. I think the submodule isnt being downloaded (i did try to download it as well). But im not sure any help is appreciated.
`root@Kali: EXCELntDonut -f templates/processInjection.cs
| __\ \/ / _| __| | _ | || \ | | | | \ / | | | | | | ' | | | | |/ | ' | | | | | | | / \ || || || | | | || || | () | | | | || | | |____//___|__|_|| ||\|___/ \/|| ||_,|__| by @JoeLeonJr (@FortyNorthSec)
load_entry_point('EXCELntDonut', 'console_scripts', 'EXCELntDonut')()
File "/home/user/EXCELntDonut/EXCELntDonut/drive.py", line 77, in main
x64Shellcode, x64Size, x64Count = generateShellcode(args,'x64')
File "/home/user/EXCELntDonut/EXCELntDonut/drive.py", line 198, in generateShellcode
s = generateCLRvoyanceShellcode(randExeName)
File "/home/user/EXCELntDonut/EXCELntDonut/drive.py", line 524, in generateCLRvoyanceShellcode
bootstrap = open(path + "/CLRvoyance/sc-64-clr", 'rb').read()
FileNotFoundError: [Errno 2] No such file or directory: '/home/user/EXCELntDonut/EXCELntDonut/CLRvoyance/sc-64-clr'`
[i] Generating your x86 .NET assembly. [i] Generating shellcode from x86 .NET assembly file. [i] Removing null bytes from x86 shellcode with msfvenom Attempting to read payload from STDIN... Found 11 compatible encoders Attempting to encode payload with 1 iterations of x86/shikata_ga_nai x86/shikata_ga_nai failed with Encoding failed due to a bad character (index=209, char=0x00) Attempting to encode payload with 1 iterations of generic/none generic/none failed with Encoding failed due to a bad character (index=3, char=0x00) Attempting to encode payload with 1 iterations of x86/call4_dword_xor x86/call4_dword_xor failed with A key could not be found for the Call+4 Dword XOR Encoder encoder. Attempting to encode payload with 1 iterations of x86/countdown x86/countdown failed with Encoding failed due to a bad character (index=72, char=0x00) Attempting to encode payload with 1 iterations of x86/fnstenv_mov x86/fnstenv_mov failed with A key could not be found for the Variable-length Fnstenv/mov Dword XOR Encoder encoder. Attempting to encode payload with 1 iterations of x86/jmp_call_additive x86/jmp_call_additive failed with Encoding failed due to a bad character (index=633, char=0x00) Attempting to encode payload with 1 iterations of x86/xor_dynamic x86/xor_dynamic succeeded with size 30683 (iteration=0) x86/xor_dynamic chosen with final size 30683 Payload size: 30683 bytes Saved as: _excelntdonut_NqeDGNigJTo2.bin [i] Null bytes removed for x86. [i] Generating your x64 .NET assembly. [i] Generating shellcode from x64 .NET assembly file. Traceback (most recent call last): File "/usr/local/bin/EXCELntDonut", line 11, in