optiv / ScareCrow

ScareCrow - Payload creation framework designed around EDR bypass.

cmd.Run #43

Closed shrek3n closed 2 years ago

shrek3n commented 2 years ago

When giving it a PKCS7 code-signed cert, it looks to be finishing up building and then I receive a cmd.Run() error.

[*] Encrypting Shellcode Using AES Encryption
[+] Shellcode Encrypted
[+] Patched ETW Enabled
[*] Creating an Embedded Resource File
[+] Created Embedded Resource File With schannel's Properties
[*] Compiling Payload
[+] Payload Compiled
[*] Signing schannel.dll With a Valid Cert <file>.p7b
2022/02/25 11:57:49 cmd.Run() failed with exit status 255

Additionally, my network needs a proxy for it to create a fake cert based on domain. Can you include that as an option to use a proxy to create a fake cert?

fras3c commented 2 years ago

I'm getting a cmd.Run() error as well on Ubuntu 20.04.

[*] Encrypting Shellcode Using AES Encryption
[+] Shellcode Encrypted
[+] Patched ETW Enabled
[!] Warning ETW Will Only be Patched in the Primarly Process Not the Created One
[+] Process Injection Mode Enabled
[*] Created Process: C:\Windows\System32\notepad.exe
[+] Sleep Timer set for 2748 milliseconds
[*] Creating an Embedded Resource File
[+] Created Embedded Resource File With Word's Properties
[*] Compiling Payload
exit status 2: # OKKaSVGvUQNRsHID
./Word.go:4443:2: expected declaration, found 8
./Word.go:4443:387: 'P' exponent requires hexadecimal mantissa
./Word.go:4443:388: exponent has no digits
./Word.go:4443:474: string literal not terminated
./Word.go:4525:2: expected declaration, found OMUeH
./Word.go:4552:2: expected declaration, found XXkpFtPtA

[+] Payload Compiled
[*] Signing Word.exe With a Fake Cert
2022/03/04 17:22:51 cmd.Run() failed with exit status 255

Any ideas? Thanks.

Tylous commented 2 years ago

What command-line arguments are you running, @fras3c?

Tylous commented 2 years ago

Please see the latest update if this issue is still present.

Tylous commented 2 years ago

Closing as this should be addressed and there is another issue that addresses this.