Closed nocomp closed 4 years ago
hello same error with payload windows / 3, searching for another file /evasion/venom/output/dist/Orevshell.exe': Aucun fichier ou dossier de ce type
I belive you have some bug on 'pyinstaller' ...
Because its pyinstaller that compiles the python 'template.py
' to binary (EXE) 'Ossl64b.exe
'..
hi, thxx a lot, i ll see if i can manyally install / fix this. i keep you posted on monday. thxx for your time
hi @r00t-3xp10it hope you are doin well, as promised i gave it a try, so first i ve installed pyinstaller: Installed /usr/local/lib/python2.7/dist-packages/altgraph-0.17-py2.7.egg Searching for setuptools==44.0.0 Best match: setuptools 44.0.0 Adding setuptools 44.0.0 to easy-install.pth file Installing easy_install script to /usr/local/bin
Using /usr/lib/python2.7/dist-packages Finished processing dependencies for PyInstaller==3.6
then i run venom.sh
then i choose 2 ; then 17
got a message sayin it use avet, clic on yes, it download avet and i can see this error:
[☠] Shellcode Generator [➽] Chose Agent number:17 [☠] MinGw EXE compiler found .. [x] avet obfuscator not found .. [☠] Installing avet software .. gcc: error: make_avet.c: Aucun fichier ou dossier de ce type gcc: fatal error: no input files compilation terminated. gcc: error: sh_format.c: Aucun fichier ou dossier de ce type gcc: fatal error: no input files compilation terminated. [✔] Done installing avet .. [☠] Enter shellcode settings!
then entering lhost and lport and name
then i choose reverse_tcp
get same error again cat: /home/nocomp/tools/evasion/venom/obfuscate/avet/template.txt: Aucun fichier ou dossier de ce type
[☠] Editing/backup files .. [☠] Decoding shellcode with avet .. rm: impossible de supprimer '/home/nocomp/tools/evasion/venom/obfuscate/avet/template.txt': Aucun fichier ou dossier de ce type [☠] Obfuscating shellcode with avet .. ./venom.sh: 9398: ./make_avet: not found [☠] Compiling shellcode to exe .. /usr/bin/mingw-gcc: 2: cd: can't cd to /root/.wine/drive_c/MinGW/bin gcc.exe: error: /home/nocomp/tools/evasion/venom/obfuscate/avet/avet.c: No such file or directory gcc.exe: fatal error: no input files compilation terminated. [☠] Start a multi-handler... [☠] Press [ctrl+c] or [exit] to 'exit' meterpreter shell [☯] Please dont test samples on virus total...
and when i search this file in avet git files, can t find it nocomp@kali:~/tools/evasion/avet$ find /home/nocomp/tools/evasion/avet -name "template.*" nocomp@kali:~/tools/evasion/avet$ ls avet.py build CHANGELOG LICENSE README.md source tools banner.txt build_script_tester.py input output setup.sh test_payloads nocomp@kali:~/tools/evasion/avet$
hope this does help to figure out thxx for your time,truelly appreciate
best regards
the funny part is that in /venom/obfuscate/avet the file is here... nocomp@kali:~/tools/evasion/venom/obfuscate/avet$ ls avet.py build CHANGELOG LICENSE README.md source test_payloads banner.txt build_script_tester.py input output setup.sh template.txt tools nocomp@kali:~/tools/evasion/venom/obfuscate/avet$ pwd
everytime you run option 2 / agent 17 it force to re download avet files, but they are already in te venom/obfusc/avet dir, and once it has download them, it gives the same error gcc: error: make_avet.c: Aucun fichier ou dossier de ce type
but file is in the dir ocomp@kali:~/tools/evasion/venom$ ls obfuscate/avet/source/ avet.c data_utility.h evasion get_payload payload_execution_method avetsvc.c debug_print get_command get_payload_info static_data command_exec decode_payload get_key implementations nocomp@kali:~/tools/evasion/venom$
Lets try to manually install avet... (warning this method its allready flag by AV soluctions) ..
1 Move to the correct directory structure
cd /home/nocomp/tools/evasion/venom/obfuscate/
2 delete AVET folder and all its contents
rm -rf avet
3 Download AVET project
git clone https://github.com/govolution/avet.git
4 Compile AVET files using GCC
cd avet
gcc make_avet.c -o make_avet
gcc sh_format.c -o sh_format
gcc: error: make_avet.c: Aucun fichier ou dossier de ce type
<-- venom cant find this file to compile it, and then offcourse that all code that cames next its fails (AVET does not be proper installed)..
bonjour @r00t-3xp10it thank you for your time, that s very nice of you. dunno if it s the right fix cause as you said, it s already flagged, but one thing i ve noticed, once you git clone, thare are no such fil in avet/ can t find any make_avet.c or sh_format.c in source/ either weird
Hi .. I've been reviewing avet project on github and i have found the problem ..
avet developer have changed the way the tool its installed -> now insted of make_avet.c and sh_format.c ..the developer have written a new script to install the tool ( setup.sh ) ...
I have been forced to write amsi evasion ( categorie nº8 ) in version 1.0.16 release because most payloads to windows ( categorie nº 2 ) are allready beeing flagged by AV soluctions ..
So.. to bypass ( windows ) Anti-virus its recomended to use the amsi evasion payloads ..
hi folks, thx a lot for this great tool, very intersting. i am running kali 2020b and i had no issues to install and run venom framework. one thing i ve noticed, all obfuscated payload don t work, never get a session open, and also form some of them when i want to have an exe out and not a .bat i get this error, sayin that there are no such file venom/output/dist/template.exe here is the last payload log i ve generated, and nothing in /output Generated key:f9bqOnSlVLWZnIszGFg3DOFcaF3Kur7vTvprFDNEEQqzeZFXXV12q6f9gGqvT7aXSkoqJZ
[☠] pyinstaller -> found! [☠] compile template.py -> Ossl64b.exe cp: impossible d'évaluer '/home/nocomp/tools/evasion/venom/output/dist/template.exe': Aucun fichier ou dossier de ce type [☠] Start a multi-handler... [☠] Press [ctrl+c] or [exit] to 'exit' meterpreter shell [☯] Please dont test samples on virus total...
anything i should do check? running 64b version
thank you for your time