search

cheetz / c2

Covert Channels for C2 Server
17 stars 20 forks source link

generate_binary fails #1

Open vladmolch opened 9 years ago

vladmolch commented 9 years ago

I am getting this when running generate_binary (SMBExec and Veil are installed)

generate_binary 192.168.1.7 80 Traceback (most recent call last): File "/opt/pyinstaller-2.0/pyinstaller.py", line 17, in from PyInstaller.main import run File "Z:\opt\pyinstaller-2.0\PyInstallerinit.py", line 55, in version += get_repo_revision() File "Z:\opt\pyinstaller-2.0\PyInstaller\utils\git.py", line 25, in get_repo_revision rev = exec_command('git', 'rev-parse', '--short', 'HEAD', cwd=cwd).strip() File "Z:\opt\pyinstaller-2.0\PyInstaller\compat.py", line 284, in exec_command out = subprocess.Popen(cmdargs, stdout=subprocess.PIPE, kwargs).communicate()[0] File "C:\Python27\lib\subprocess.py", line 711, in init** errread, errwrite) File "C:\Python27\lib\subprocess.py", line 948, in _execute_child startupinfo) WindowsError: [Error 2] File not found Traceback (most recent call last): File "./server.py", line 302, in gen_bin(info[1],info[2]) File "./server.py", line 125, in gen_bin gen_binary.generate_binary(IP,PORT) File "/opt/c2/gen_binary.py", line 93, in generate_binary subprocess.check_output("wine C:/Python27/python.exe /opt/pyinstaller-2.0/pyinstaller.py --icon=RichText.ico --noconsole --onefile winword.py", shell=True) File "/usr/lib/python2.7/subprocess.py", line 573, in check_output raise CalledProcessError(retcode, cmd, output=output) subprocess.CalledProcessError: Command 'wine C:/Python27/python.exe /opt/pyinstaller-2.0/pyinstaller.py --icon=RichText.ico --noconsole --onefile winword.py' returned non-zero exit status 1

cheetz commented 9 years ago

Are you running in Kali 2.0 or 1.x?

vladmolch commented 9 years ago

2.0

Sent from my iPad

On Oct 1, 2015, at 6:56 PM, Peter Kim notifications@github.com wrote:

Are you running in Kali 2.0 or 1.x?

— Reply to this email directly or view it on GitHub.

cheetz commented 9 years ago

It should work just fine in 1.x, but looks like 2.0 might have caused an issue. I'll play around with it later this week.

vladmolch commented 9 years ago

Cool Thx I'll try running it on 1

On Oct 1, 2015, at 7:02 PM, Peter Kim notifications@github.com wrote:

It should work just fine in 1.x, but looks like 2.0 might have caused an issue. I'll play around with it later this week.

— Reply to this email directly or view it on GitHub.

vladmolch commented 9 years ago

i got it working. i just put pyinstaller into /opt/pyinstaller-2.0/. That's what it was looking for Thx

vladmolch commented 9 years ago

Spoke too soon, lol it goes through the process but doesnt regenerate the Z:\opt\c2\dist\winword.exe

generate_binary 192.168.1.7 80 131 INFO: wrote Z:\opt\c2\winword.spec 232 INFO: Testing for ability to set icons, version resources... 273 INFO: ... resource update available 284 INFO: UPX is not available. 398 INFO: Processing hook hook-os 1035 INFO: Processing hook hook-time 1058 INFO: Processing hook hook-cPickle 1352 INFO: Processing hook hook-_sre 1918 INFO: Processing hook hook-cStringIO 2079 INFO: Processing hook hook-encodings 2105 INFO: Processing hook hook-codecs 2908 INFO: Extending PYTHONPATH with Z:\opt\c2 2908 INFO: checking Analysis 2909 INFO: building Analysis because out00-Analysis.toc non existent 2909 INFO: running Analysis out00-Analysis.toc 2910 INFO: Adding Microsoft.VC90.CRT to dependent assemblies of final executable 2916 INFO: Searching for assembly x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww ... 2917 INFO: Found manifest C:\windows\WinSxS\Manifests\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375.manifest 2926 INFO: Searching for file msvcr90.dll 2927 INFO: Found file C:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll 2927 INFO: Searching for file msvcp90.dll 2928 INFO: Found file C:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll 2928 INFO: Searching for file msvcm90.dll 2929 INFO: Found file C:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll 3109 INFO: Analyzing Z:\opt\pyinstaller-2.0\PyInstaller\loader_pyi_bootstrap.py 3200 INFO: Processing hook hook-os 3250 INFO: Processing hook hook-site 3292 INFO: Processing hook hook-encodings 3542 INFO: Processing hook hook-time 3552 INFO: Processing hook hook-cPickle 3694 INFO: Processing hook hook-_sre 3994 INFO: Processing hook hook-cStringIO 4186 INFO: Processing hook hook-codecs 5021 INFO: Processing hook hook-pydoc 5270 INFO: Processing hook hook-email 5437 INFO: Processing hook hook-httplib 5530 INFO: Processing hook hook-email.message 5711 INFO: Analyzing Z:\opt\pyinstaller-2.0\PyInstaller\loader\pyi_importers.py 5898 INFO: Analyzing Z:\opt\pyinstaller-2.0\PyInstaller\loader\pyi_archive.py 6065 INFO: Analyzing Z:\opt\pyinstaller-2.0\PyInstaller\loader\pyi_carchive.py 6264 INFO: Analyzing Z:\opt\pyinstaller-2.0\PyInstaller\loader\pyi_os_path.py 6294 INFO: Analyzing winword.py 6656 INFO: Hidden import 'codecs' has been found otherwise 6656 INFO: Hidden import 'encodings' has been found otherwise 6657 INFO: Looking for run-time hooks 6954 INFO: Using Python library C:\Python27\python27.dll 7159 INFO: Warnings written to Z:\opt\c2\build\winword\warnwinword.txt 7165 INFO: checking PYZ 7166 INFO: rebuilding out00-PYZ.toc because out00-PYZ.pyz is missing 7166 INFO: building PYZ (ZlibArchive) out00-PYZ.toc 8210 INFO: checking PKG 8211 INFO: rebuilding out00-PKG.toc because out00-PKG.pkg is missing 8211 INFO: building PKG (CArchive) out00-PKG.pkg 9411 INFO: checking EXE 9412 INFO: rebuilding out00-EXE.toc because winword.exe missing 9413 INFO: building EXE from out00-EXE.toc 9416 INFO: SRCPATH [('RichText.ico', None)] 9417 INFO: Updating icons from ['RichText.ico'] to c:\users\root\temp\tmpjnctfy 9418 INFO: Writing RT_GROUP_ICON 0 resource with 20 bytes 9418 INFO: Writing RT_ICON 1 resource with 744 bytes 9439 INFO: Appending archive to EXE Z:\opt\c2\dist\winword.exe

root@tester:~# ls -lah /opt/c2/ total 3.2M drwxr-xr-x 4 root root 4.0K Oct 2 08:32 . drwxr-xr-x 59 root root 4.0K Oct 2 08:14 .. drwxr-xr-x 2 root root 4.0K Oct 2 08:32 agent -rwxr-xr-x 1 root root 4.4K Oct 1 12:25 covert_channel.py -rwxr-xr-x 1 root root 2.9K Oct 1 12:25 gen_binary.py drwxr-xr-x 8 root root 4.0K Oct 1 12:25 .git -rwxr-xr-x 1 root root 624K Oct 1 12:25 mimikatz.ps1 -rwxr-xr-x 1 root root 512 Oct 1 12:25 password.py -rwxr-xr-x 1 root root 36K Oct 1 12:25 power.py -rwxr-xr-x 1 root root 261K Oct 1 12:25 powerview.ps1 -rwxr-xr-x 1 root root 766 Oct 1 12:25 RichText.ico -rwxr-xr-x 1 root root 17K Oct 1 12:25 server.py -rwxr-xr-x 1 root root 104 Oct 1 12:25 setup.sh -rwxr-xr-x 1 root root 412K Nov 29 2014 winworder32.exe -rwxr-xr-x 1 root root 512K Oct 29 2014 winworder.exe -rw-r--r-- 1 root root 439K Feb 15 2015 winworder.zip -rw-r--r-- 1 root root 439K Feb 15 2015 winworder.zip.1 -rw-r--r-- 1 root root 439K Feb 15 2015 winworder.zip.2 -rw-r--r-- 1 root root 2.1K Oct 2 08:32 winword.py -rwxr-xr-x 1 root root 3.7K Oct 1 12:25 words_list.py -rwxr-xr-x 1 root root 3.2K Oct 1 12:25 words.txt

cheetz commented 9 years ago

Tested on Kali 2.0. Installed Veil and SMBexec, git cloned the c2 code, and ran this command: cp -R ./usr/share/pyinstaller /opt/pyinstaller-2.0

It all worked after that.

vladmolch commented 9 years ago

Hmmm I cant make it generate a binary and everything seems to be working

TheRealJoeDoran commented 8 years ago

Did you check under /opt/c2/agent ?

root@prd-kali-2:/opt/c2/agent# ls -al total 3592 drwxr-xr-x 2 root root 4096 Dec 10 21:39 . drwxr-xr-x 4 root root 4096 Dec 10 21:39 .. -rw-r--r-- 1 root root 0 Dec 10 21:38 deleteme.txt -rwxr-xr-x 1 root root 3665987 Dec 10 21:39 winword.exe