windows agent 3 not working

r00t-3xp10it / venom

venom - C2 shellcode generator/compiler/handler

1.76k stars 594 forks source link

windows agent 3 not working #36

Closed usama7628674 closed 4 years ago

usama7628674 commented 5 years ago

@r00t-3xp10it Not getting meterpreter shell Windows payload with agent 3 PY(Pyherion/NXcrypt) Tested on windows 10 v1809 and v1903 Used pyinstaller for compilation,didn't use pyherion and nxcrypt.

r00t-3xp10it commented 5 years ago

iam current working in venom 1.0.16 version .. many of venom payloads are now beeing caugth by AV soluctions .. (so fix that pyinstaller error in your distro does not matter now)..

venom V:1.0.16 will present 4 new evasion payloads <-- play with this ones insted .. (release date preview: agost)

usama7628674 commented 5 years ago

Don't worry I can make them FUD

usama7628674 commented 5 years ago

@r00t-3xp10it I'm getting the following error if I run .py file (not converted to .exe)

Traceback (most recent call last):
  File "shellcode.py", line 19, in <module>
    iKaiRSdDk()
WindowsError: exception: access violation writing 0x02FA9CE8

This maybe due to ctypes module.

r00t-3xp10it commented 4 years ago

yes ...maybee.. i have now finished all pending projects .. i can now return to venom v:1.0.16 release ..

usama7628674 commented 4 years ago

@r00t-3xp10it Sounds good.

r00t-3xp10it commented 4 years ago

Question: Did you have copy the shellcode from venom terminal to exec.py file and then saved the file? bug1 because i have reproduced your steps: Used pyinstaller for compilation,didn't use pyherion and nxcrypt. bug2 And i have try to run it againts my windows 7 (inside wine) and the payload have successfully connected back.. bug3

OR maybee your 'wine' its not configurated for 'windows 10' versions and that give the bug ?

usama7628674 commented 4 years ago

@r00t-3xp10it Hmmm let me check again and we'll continue discussion later then.

kl0101 commented 4 years ago

@r00t-3xp10it I have exactly the same unsolved problem, the payload does not work.

r00t-3xp10it commented 4 years ago

Did you have copy the shellcode from venom terminal to exec.py file and then saved the file? bug1

Does your wine its configurated to use the same target arch ?? example: if your target its windows10 then set wine to windows10 .. . also: why are you using an old payload ?? that build its flagged by most anti-virus solluctions, because they have a signature of that build in there databases ..(its a waste of time) ..

here are the new payloads: https://github.com/r00t-3xp10it/venom/releases/tag/v1.0.16