App crash

[enkeyz]

So I used that bash script from Example 1, compiled it with mingw, and when I open exe on my VM, I get appcrash.

[govolution]

Did you compile it as described here? https://govolution.wordpress.com/2017/02/04/using-tdm-gcc-with-kali-2/

[enkeyz]

Looks like not:D Will report back, if it works!

[govolution]

OK. I always had problems like that when using different compilers, don't know why. If any problems let me know.

[enkeyz]

So, now exe is running fine, but metasploit is stuck at here:

I'm not running any AVs, and firewall is off. It's a clean virtual machine.

[govolution]

OK, looks like a msf problem or config problem. Send the shellscript you used (with your settings included) and I have a look.

[govolution]

Also might be a network problem... VirtualBox sometimes sucks at this.

[enkeyz]

Network is fine. I tried with a simple msfvenom payload.

Script: https://pastebin.com/D4F3gbS3

Edit: rebooted my VMs, still same problem.

[govolution]

Your handler is tcp, but the payload is https, so: set payload windows/meterpreter/reverse_https on msfconsole.

[enkeyz]

LOL man! Did I really missed that? :D Thanks:)

Bye the way, thanks for your work, it's fully undetectable by AVs - 0/61 - really nice work!

[govolution]

No problem ;).

[enkeyz]

I tried Veil Framework and Shellter before, but they get caught immediately. I'm not really into these things, but why are your project works, and others not?

[govolution]

Hard to say without a closer look. Might be my tool is newer and is not recognized because of that. Or maybe the evasion techniques that are used are effective. If you want to know more check out: https://deepsec.net/docs/Slides/2014/Why_Antivirus_Fails_-_Daniel_Sauder.pdf https://govolutionde.files.wordpress.com/2014/05/avevasion_pentestmag.pdf