no payload generated when using templaye.py

[nocomp]

hi folks, thx a lot for this great tool, very intersting. i am running kali 2020b and i had no issues to install and run venom framework. one thing i ve noticed, all obfuscated payload don t work, never get a session open, and also form some of them when i want to have an exe out and not a .bat i get this error, sayin that there are no such file venom/output/dist/template.exe here is the last payload log i ve generated, and nothing in /output Generated key:f9bqOnSlVLWZnIszGFg3DOFcaF3Kur7vTvprFDNEEQqzeZFXXV12q6f9gGqvT7aXSkoqJZ

[☠] pyinstaller -> found! [☠] compile template.py -> Ossl64b.exe cp: impossible d'évaluer '/home/nocomp/tools/evasion/venom/output/dist/template.exe': Aucun fichier ou dossier de ce type [☠] Start a multi-handler... [☠] Press [ctrl+c] or [exit] to 'exit' meterpreter shell [☯] Please dont test samples on virus total...

anything i should do check? running 64b version

thank you for your time

[nocomp]

hello same error with payload windows / 3, searching for another file /evasion/venom/output/dist/Orevshell.exe': Aucun fichier ou dossier de ce type

[r00t-3xp10it]

I belive you have some bug on 'pyinstaller' ... Because its pyinstaller that compiles the python 'template.py' to binary (EXE) 'Ossl64b.exe'..

[nocomp]

hi, thxx a lot, i ll see if i can manyally install / fix this. i keep you posted on monday. thxx for your time

[nocomp]

hi @r00t-3xp10it hope you are doin well, as promised i gave it a try, so first i ve installed pyinstaller: Installed /usr/local/lib/python2.7/dist-packages/altgraph-0.17-py2.7.egg Searching for setuptools==44.0.0 Best match: setuptools 44.0.0 Adding setuptools 44.0.0 to easy-install.pth file Installing easy_install script to /usr/local/bin

Using /usr/lib/python2.7/dist-packages Finished processing dependencies for PyInstaller==3.6

then i run venom.sh

then i choose 2 ; then 17

got a message sayin it use avet, clic on yes, it download avet and i can see this error:

[☠] Shellcode Generator [➽] Chose Agent number:17 [☠] MinGw EXE compiler found .. [x] avet obfuscator not found .. [☠] Installing avet software .. gcc: error: make_avet.c: Aucun fichier ou dossier de ce type gcc: fatal error: no input files compilation terminated. gcc: error: sh_format.c: Aucun fichier ou dossier de ce type gcc: fatal error: no input files compilation terminated. [✔] Done installing avet .. [☠] Enter shellcode settings!

then entering lhost and lport and name

then i choose reverse_tcp

get same error again cat: /home/nocomp/tools/evasion/venom/obfuscate/avet/template.txt: Aucun fichier ou dossier de ce type

[☠] Editing/backup files .. [☠] Decoding shellcode with avet .. rm: impossible de supprimer '/home/nocomp/tools/evasion/venom/obfuscate/avet/template.txt': Aucun fichier ou dossier de ce type [☠] Obfuscating shellcode with avet .. ./venom.sh: 9398: ./make_avet: not found [☠] Compiling shellcode to exe .. /usr/bin/mingw-gcc: 2: cd: can't cd to /root/.wine/drive_c/MinGW/bin gcc.exe: error: /home/nocomp/tools/evasion/venom/obfuscate/avet/avet.c: No such file or directory gcc.exe: fatal error: no input files compilation terminated. [☠] Start a multi-handler... [☠] Press [ctrl+c] or [exit] to 'exit' meterpreter shell [☯] Please dont test samples on virus total...

and when i search this file in avet git files, can t find it nocomp@kali:~/tools/evasion/avet$ find /home/nocomp/tools/evasion/avet -name "template.*" nocomp@kali:~/tools/evasion/avet$ ls avet.py build CHANGELOG LICENSE README.md source tools banner.txt build_script_tester.py input output setup.sh test_payloads nocomp@kali:~/tools/evasion/avet$

hope this does help to figure out thxx for your time,truelly appreciate

best regards

[nocomp]

the funny part is that in /venom/obfuscate/avet the file is here... nocomp@kali:~/tools/evasion/venom/obfuscate/avet$ ls avet.py build CHANGELOG LICENSE README.md source test_payloads banner.txt build_script_tester.py input output setup.sh template.txt tools nocomp@kali:~/tools/evasion/venom/obfuscate/avet$ pwd

everytime you run option 2 / agent 17 it force to re download avet files, but they are already in te venom/obfusc/avet dir, and once it has download them, it gives the same error gcc: error: make_avet.c: Aucun fichier ou dossier de ce type

but file is in the dir ocomp@kali:~/tools/evasion/venom$ ls obfuscate/avet/source/ avet.c data_utility.h evasion get_payload payload_execution_method avetsvc.c debug_print get_command get_payload_info static_data command_exec decode_payload get_key implementations nocomp@kali:~/tools/evasion/venom$

[r00t-3xp10it]

Lets try to manually install avet... (warning this method its allready flag by AV soluctions) ..

• 1 Move to the correct directory structure cd /home/nocomp/tools/evasion/venom/obfuscate/

• 2 delete AVET folder and all its contents rm -rf avet

• 3 Download AVET project git clone https://github.com/govolution/avet.git

• 4 Compile AVET files using GCC

  cd avet
  gcc make_avet.c -o make_avet
  gcc sh_format.c -o sh_format

Final Notes:

gcc: error: make_avet.c: Aucun fichier ou dossier de ce type <-- venom cant find this file to compile it, and then offcourse that all code that cames next its fails (AVET does not be proper installed)..

[nocomp]

bonjour @r00t-3xp10it thank you for your time, that s very nice of you. dunno if it s the right fix cause as you said, it s already flagged, but one thing i ve noticed, once you git clone, thare are no such fil in avet/ can t find any make_avet.c or sh_format.c in source/ either weird

[r00t-3xp10it]

Hi .. I've been reviewing avet project on github and i have found the problem ..

avet developer have changed the way the tool its installed -> now insted of make_avet.c and sh_format.c ..the developer have written a new script to install the tool ( setup.sh ) ...

Final Notes:

I have been forced to write amsi evasion ( categorie nº8 ) in version 1.0.16 release because most payloads to windows ( categorie nº 2 ) are allready beeing flagged by AV soluctions ..

So.. to bypass ( windows ) Anti-virus its recomended to use the amsi evasion payloads ..