Agent 3 Windows - Githubissues

r00t-3xp10it / venom

venom - C2 shellcode generator/compiler/handler

1.79k stars 598 forks source link

Agent 3 Windows #42

Closed kl0101 closed 4 years ago

kl0101 commented 4 years ago

agent 3 windows does not work. I have no feedback on the metasploit console.

r00t-3xp10it commented 4 years ago

Did you have copy the shellcode from venom terminal to exec.py file and then saved the file? bug1

Does your wine its configurated to use the same target arch ?? example: if your target its windows10 then set wine to windows10 .. . also: why are you using an old payload ?? that build its flagged by most anti-virus solluctions, because they have a signature of that build in there databases ..(its a waste of time) ..

here are the new payloads: https://github.com/r00t-3xp10it/venom/releases/tag/v1.0.16

kl0101 commented 4 years ago

The window does not open to copy / paste the code. here is the error I get when I launch the payload with wine. It is not important to me it is not fud Capture d'écran 2019-12-29 09^%07^%27

codings9 commented 4 years ago

Interesting, i have wine installed, but i have never had the idea to open the payload with it, why not just open the payload in the context of windows 10 and see if there is a difference?

kl0101 commented 4 years ago

Intéressant, j'ai du vin installé, mais je n'ai jamais eu l'idée d'ouvrir la charge utile avec, pourquoi ne pas simplement ouvrir la charge utile dans le contexte de Windows 10 et voir s'il y a une différence?

@codings9 Agent 3 works for you?

r00t-3xp10it commented 4 years ago

1º - IF 'the windows does not open to copy/paste shellcode'
- Then its OBVIOUS that the binary build will not going work rigth ???
- "Because it misses the shellcode to connect back to handler"

2º - Venom uses 'gedit' or 'leafpad' to edit the 'exec.py' template.
- Do you have this packets installed and running in your system ???
- "I dont understand why venom did not edit the template file in this case"

3º - Yes its working, i have tested it esterday againts my wine windows7
- Check this commits: https://github.com/r00t-3xp10it/venom/issues/36#issuecomment-566686038

kl0101 commented 4 years ago

Indeed in the new version of Kali leafpad is not installed, I just did a new test by adding the code, I still have an error. I did a test with win7 and 10 Capture d'écran 2019-12-30 09^%40^%02

kl0101 commented 4 years ago

I managed to make the payload work with wine but not on a vm windows 10 Capture d'écran 2019-12-30 12^%03^%16 capture

r00t-3xp10it commented 4 years ago

Well it seems that its a PYTHON LIBS related issue under Windows10 .. <-- maybee ctypes * API call forget about this build ..because its flaged by most AV solluctions ..

Use the new payloads (3) of [ amsi evasion ] categorie insted .. https://github.com/r00t-3xp10it/venom/releases/tag/v1.0.16