Closed PocketDC closed 1 year ago
I do not have access to Cobalt Strike to test this out, but can provide some guidance.
1) Donut will not be able to load the raw payload (.bin). It can load the PEs. 2) The issue may be with your donut parameters. I would suggest the following to test:
Oh man that absolutely fixed it thank you! It must have been the -x 3
that did it because I looked through my history and I had tried all of the others but was using -x 2. You're a legend; thank you sir
Hello! Entirely possible I'm missing something here but just wanted to say that I can't seem to get it to work with cobaltstrike at the moment. Using the up-to-date master.
Steps:
./donut -i path/to/payload
The hiccup must be with the loader generation in donut because I'm able to execute the unobfuscated payloads just fine (.exe and .dll) and able to use the inject.exe to execute the unobfuscated .bin files too