TheWover / donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
BSD 3-Clause "New" or "Revised" License

ERROR: open /tmp/shellcode.bin.donut: no such file or directory #66

Closed DarknightCanada closed 4 years ago

DarknightCanada commented 4 years ago

```
[?] Unhook enabled
[?] Anti-debug enabled
[?] Syscalls enabled
[?] Payload will be put in .text section
[?] Final shellcode will be encoded with sgn
[?] Waiting 5 seconds before executing the payload
[?] Processing binaries/JuicyPotato.exe
[?] PE detected: binaries/JuicyPotato.exe: PE32+ executable (console) x86-64, for MS Windows
[?] Executing donut

[ Donut shellcode generator v0.9.3
[ Copyright (c) 2019 TheWover, Odzhan

usage: donut [options] <EXE/DLL/VBS/JS>

   Only the finest artisanal donuts are made of shells.

               -MODULE OPTIONS-

   -n <name>            Module name for HTTP staging. If entropy is enabled, this is generated randomly.
   -s <server>          HTTP server that will host the donut module.
   -e <level>           Entropy. 1=None, 2=Use random names, 3=Random names + symmetric encryption (default)

               -PIC/SHELLCODE OPTIONS-

   -a <arch>            Target architecture : 1=x86, 2=amd64, 3=x86+amd64(default).
   -b <level>           Bypass AMSI/WLDP : 1=None, 2=Abort on fail, 3=Continue on fail.(default)
   -o <path>            Output file to save loader. Default is "loader.bin"
   -f <format>          Output format. 1=Binary (default), 2=Base64, 3=C, 4=Ruby, 5=Python, 6=Powershell, 7=C#, 8=Hex
   -y <addr>            Create thread for loader and continue execution at <addr> supplied.
   -x <action>          Exiting. 1=Exit thread (default), 2=Exit process

               -FILE OPTIONS-

   -c <namespace.class> Optional class name. (required for .NET DLL)
   -d <name>            AppDomain name to create for .NET assembly. If entropy is enabled, this is generated randomly.
   -m <method | api>    Optional method or function for DLL. (a method is required for .NET DLL)
   -p <arguments>       Optional parameters/command line inside quotations for DLL method/function or EXE.
   -w                   Command line is passed to unmanaged DLL function in UNICODE format. (default is ANSI)
   -r <version>         CLR runtime version. MetaHeader used by default or v4.0.30319 if none available.
   -t                   Execute the entrypoint of an unmanaged EXE as a thread.
   -z <engine>          Pack/Compress file. 1=None, 2=aPLib

examples:

donut c2.dll
donut -a1 -cTestClass -mRunProcess -pnotepad.exe loader.dll
donut loader.dll -c TestClass -m RunProcess -p"calc notepad" -s http://remote_server.com/modules/

[?] Executing sgn


/ / () /__ / / _ ____ __ () (-</ \/ / '/ / __/ _/ / `/ / / _ \/ _/ / ///////_\_,/_/_,/ _, /_,/ ////_,//
========[Author:-Ege-Balcı-]====/
/=======v2.0.0=========
┻━┻ ︵ヽ(`Д´)ノ︵ ┻━┻ (ノ ゜Д゜)ノ ︵ 仕方がない

2020/09/20 22:32:56 [MAIN] ERROR: open /tmp/shellcode.bin.donut: no such file or directory
root@kali:~/HTB/rastalab/PEzor# locate shellcode.bin.donut
```

Any idea how to deal with this error? I tried everything! Installed it and imported the PATH.

jeffmcjunkin commented 4 years ago

For context OP seems to be using https://github.com/phra/PEzor, so I'd say to post the issue over in that repo.

TheWover commented 4 years ago

Agreed. That seems to be an issue with PEzor. The only recommendation that I can make is to ensure that Donut's Python module is installed, which seems to be done by PEzor. Recommend you post the issue on that repo.